772 million passwords hacked – monster vulnerability
Unknown people put hundreds of millions of login credentials online.
A huge data set of email addresses and passwords has appeared in a hacking forum and published under the name “Collection # 1”.
You can use an online service to check whether part of your data is also affected:
The datasets contain over 1.16 billion combinations of email addresses and passwords. Of these, 772 million email addresses and 21 million passwords are unique.
The data set is 87 gigabytes in size and comprises 12,000 files.
It is not known where the data come from in detail. According to initial research on the Internet, it is probably not just the booty of a single hack. The dataset is obviously made up of many different data leaks and comes from thousands of different sources.
Some of the data records contain clear text passwords that were originally disguised by services using a hash function.
You can find out whether your own data is affected using the online tool “Have I Been Pwned“. Here you can type in your e-mail address and you will immediately receive a response as to whether this is part of a known data theft. The 772 million e-mail addresses from “Collection # 1” are also included there.
If your account data is affected, it can be a big problem for you. With the hacked data, the attacker can log into your accounts and cause great damage.
If you are concerned, here is my advice:
1. Immediately change your passwords for all of your services connected to your email address. If you have used the same password for other services, you should change them there immediately.
2. Never use the same password for multiple services.
3. Use a password manager in the future.
4. Use two-factor authentication where possible. With two-factor authentication, attackers need more than just your password to take over one of your accounts.
Check out my other articles on IT security: