Welcome to 2019, and welcome to another data breach. From researcher Troy Hunt, a large set of files were found on a cloud account. The file set included over 87 GB (that would be gigabyte) of data. In the data there was millions of email accounts and passwords. Today’s post will cover the data breach and what you can do. Alert: Another Day Another Data Breach
What Was Found
Based on the information released by Troy Hunt, a total of 773 million records were found on a cloud account online. It seems hackers discussing breach files in a chat room, is how the info came to light. The files that you will hear called “Collection #1“, had 773 million unique email addresses. In addition to those email addresses, there was over (and this is the BIG ONE) 21 million unique passwords. When they say unique passwords, that means that you could actually read the password.
That is what the biggest concern is. As noted in the TGM post “Passwords – That Thing That Annoys Me“, most people use the same email address and password across multiple accounts. So once the bad guys know what your email and password is (for example) google, what keeps them from testing that log in at major banks, or online shopping, or social media (among places that getting your info would put you at risk, while making them money).
Even if they don’t have your password, your email account is just as valuable. Once the bad guys have active account names, they can send spam in your name. They can also send you spam to try to trick you. Plus, once they have the info, they can use that to and tie it to other info that is online about you to get more of your details.
What Can You Do
The 1st thing you can do when it comes to this breach, or any breach, is visit Have I Been Pwned. This is a website that is also run by Troy Hunt, that lets you search if your info has been found in any of the known breaches.
On the website, when you enter your email address, and click on the pwned button, you will see if your info has been seen on any breach. If your info isn’t on any breach, then you will see a green box that tells you that you are safe.
However, if your data is pwned, you will see “Oh no – Pwned” in Red
and by scrolling down, you will see which breach(es) your info was exposed in.
- Changing Your Password
If you have found that your info has been exposed, 1st things to do is change the password. You want to make sure you change it ON EVERY SITE YOU USE IT. Keep in mind, you may have old accounts you haven’t used in years (Yahoo Mail anyone), you want to check even those accounts.
This final thought was originally written for the TGM Post – Passwords: That Thing That Annoys Me but it fits here just was well.
The reality is, if a bad guy wants to get your information, they will get it. However, think of it this way, every time you leave your house you lock your doors. That does not mean you will never have anyone break into your house. It just means you want to make it harder for them to break in. Consider the passwords you use in the same mindset.