A massive data breach leaves around 773 million email addresses and more than 21 million passwords unprotected online. According to the security researcher Troy Hunt, the person behind the breach notification service website Have I Been Pwned, a huge database that includes records from more than 2,000 hacked databases was exposed online.
The breached data, which Troy Hunt dubbed it as Collection #1, include around 773 million (772,904,991) unique email addresses and 21 million (21,222,975) unique passwords. Sized around 87 GB, the breached records also included 1,160,253,228 unique combinations of breached email addresses and passwords. Hunt stated the data breach is made up of various individual data breaches from thousands of other sources.
“I found a combination of different delimiter types including colons, semicolons, spaces and indeed a combination of different file types such as delimited text files, files containing SQL statements and other compressed archives,” Troy Hunt said in a post.
Hunt stated that he discovered the data leak after one of his contacts pointed him to a hacking forum, where the hacked data was being kept for sale.
“Last week, multiple people reached out and directed me to a large collection of files on the popular cloud service, MEGA (the data has since been removed from the service). The collection totaled over 12,000 separate files and more than 87GB of data. One of my contacts pointed me to a popular hacking forum where the data was being socialized,” Hunt added.
Hunt stated that people can find out if their email and password were among the impacted accounts using his breach notification service Have I Been Pwned. He also suggested to change their passwords on an immediate basis.
Internet has seen multiple data leaks in the first month of 2019. Recently, social media platform Reddit alerted its users that some of their accounts were locked out because of suspicious activity. The US-based news aggregator stated that it received many requests for new passwords that may indicate unauthorized access. Also, Germany saw a massive data breach where personal data and documents of several eminent public personalities including the Chancellor Angela Merkel were published online.
