Unknown people put hundreds of millions of credentials online
A huge set of e-mail addresses and passwords has appeared in a hacker forum and been released under the name “Collection # 1”.
With an online service, you can check if your data is also affected:
Have I Been Pwned
The datasets contain over 1.16 billion combinations of e-mail addresses and passwords. Of these, 772 million e-mail addresses and 21 million passwords are unique.
The dataset is 87 gigabytes in size and contains 12,000 files.
Where the data comes from is unknown. After initial research on the net, it is probably not just the spoils of a single hack. The dataset is obviously composed of many different data leaks and comes from thousands of different sources.
Some passwords in plaintext are hidden in the datasets, which were originally obscured by services via a hash function.
If your own data is affected, you can find it via the online tool “ Have I Been Pwned ” , Here you can type in your email address and get immediate feedback if this is part of one of the known data thefts. The 772 million e-mail addresses from “Collection # 1” are also included there.
If your account data is affected, it can be a big problem for you. With the hacked data, the attacker can log in to your accounts and do a lot of damage.
If you are a godfather, here is my advice:
1. Immediately change your passwords for all your services associated with your email address. If you have used the same password for other services, you should change them there immediately.
2. Never use the same password for multiple services.
3. Use a password manager in the future.
4. Where possible, use two-factor authentication. With two-factor authentication, attackers need more than just your password to take on one of your accounts.