- Lil Nas X says he will perform at Area 51 for free 6 Months Ago
- The best Prime Day deals for gamers 6 Months Ago
- How Republicans are dancing around Trump’s racist tweets Today 12:42 PM
- Not even anti-immigrant groups are defending Trump’s ‘go back’ tweets Today 12:37 PM
- Netflix’s latest chase thriller ‘Point Blank’ lacks electricity Today 12:27 PM
- Jay Inslee floats Megan Rapinoe as his secretary of state pick Today 11:33 AM
- The cast list for the ‘Kingsman’ prequel movie looks totally nuts Today 11:17 AM
- The best Prime Day deals to heat up your kitchen Today 11:16 AM
- YouTuber Emily Hartridge killed in electric scooter crash Today 10:50 AM
- Is Lashana Lynch really playing 007 in the new Bond movie? Today 10:33 AM
- Trump demands apology after his racist tweets Today 10:21 AM
- Prime Day deals that’ll make you grateful for your Amazon membership Today 9:51 AM
- Netflix’s ‘4L’ takes a long road trip to the Sahara Today 9:04 AM
- Air Force says it’s ready to ‘protect’ Area 51 amid Facebook event buzz Today 9:02 AM
- Get 50% off 23andMe DNA tests today for Prime Day Today 9:00 AM
What you need to know about the data breach involving 773 email addresses
Josue Salazar/Flickr (CC-BY-ND)
It’s still a reminder to check your security hygiene.
A recently revealed collection of hundreds of millions of emails and passwords is being hailed as the largest data breach ever.
In a story first reported Wednesday, security researcher Troy Hunt announced that nearly 773 million unique emails and more than 21 million unique passwords had been exposed.
The seemingly unprecedented exposure, dubbed “Collection #1,” led to breathless headlines about the scale of the data. But a quick glance at Hunt’s own analysis reveals the issue to not be quite as serious as many believe.
While people may have the impression that all the credentials were obtained in a single mega-breach, the data is merely a collection of emails and passwords gathered from numerous previously known breaches.
Hunt, who runs the service “Have I Been Pwned” that allows anyone to check if their email has shown up in public breaches, even notes that more than 80 percent of the emails in Collection #1 were already known by his site.
As noted by Motherboard’s Lorenzo Franceschi-Bicchierai, “of the 22 million passwords, half were not in the database” as well.
Brian Krebs, a security expert and bestselling author, spoke with Sanixer, the hacker selling the Collection #1 data, and was told that the content was several years old.
“Sanixer said Collection#1 consists of data pulled from a huge number of hacked sites, and was not exactly his ‘freshest’ offering,” Krebs writes. “Rather, he sort of steered me away from that archive, suggested that—unlike most of his other wares—Collection #1 was at least two to three years old.”
Still, the latest breach news should remind everyone to check their digital security hygiene.
Simple steps such as obtaining a password manager and making sure to create a strong and unique password for every service you use can help minimize the damage from data breaches. Setting up two-factor authentication can also protect you even if your password is compromised.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.