- ‘Game of Thrones’ brings us lots of horny Tormund memes 3 Months Ago
- Howard Schultz mocked for ‘majority of Americans are Americans’ ad 3 Months Ago
- The ultimate guide to strap-ons 3 Months Ago
- Why ‘Ant-Man and the Wasp’ is my favorite Marvel movie 3 Months Ago
- The quick and dirty guide to buying your first vibrator Today 7:45 AM
- How to watch ‘Live Rescue’ for free Today 7:00 AM
- Roger Stone to speak at Virginia strip club Today 6:56 AM
- Trans/Sex: Solid sex toy picks for pre-op and non-op trans women Today 6:30 AM
- Why Barrett Brown burned his National Magazine Award—and what he’s planning next Today 6:30 AM
- That heartbreaking ‘Game of Thrones’ song has key ties to the book Today 6:27 AM
- Here are the 11 best health documentaries on Netflix Today 6:00 AM
- How to add people to Google Home Today 6:00 AM
- How to play Fortnite on Mac Today 5:30 AM
- Feminist memes are a banner of social change on Instagram Today 5:00 AM
- VR game Jupiter and Mars thoughtfully explores climate change Today 4:30 AM
What you need to know about the data breach involving 773 email addresses
Josue Salazar/Flickr (CC-BY-ND)
It’s still a reminder to check your security hygiene.
A recently revealed collection of hundreds of millions of emails and passwords is being hailed as the largest data breach ever.
In a story first reported Wednesday, security researcher Troy Hunt announced that nearly 773 million unique emails and more than 21 million unique passwords had been exposed.
The seemingly unprecedented exposure, dubbed “Collection #1,” led to breathless headlines about the scale of the data. But a quick glance at Hunt’s own analysis reveals the issue to not be quite as serious as many believe.
While people may have the impression that all the credentials were obtained in a single mega-breach, the data is merely a collection of emails and passwords gathered from numerous previously known breaches.
Hunt, who runs the service “Have I Been Pwned” that allows anyone to check if their email has shown up in public breaches, even notes that more than 80 percent of the emails in Collection #1 were already known by his site.
As noted by Motherboard’s Lorenzo Franceschi-Bicchierai, “of the 22 million passwords, half were not in the database” as well.
Brian Krebs, a security expert and bestselling author, spoke with Sanixer, the hacker selling the Collection #1 data, and was told that the content was several years old.
“Sanixer said Collection#1 consists of data pulled from a huge number of hacked sites, and was not exactly his ‘freshest’ offering,” Krebs writes. “Rather, he sort of steered me away from that archive, suggested that—unlike most of his other wares—Collection #1 was at least two to three years old.”
Still, the latest breach news should remind everyone to check their digital security hygiene.
Simple steps such as obtaining a password manager and making sure to create a strong and unique password for every service you use can help minimize the damage from data breaches. Setting up two-factor authentication can also protect you even if your password is compromised.
Mikael Thalen is a freelance journalist based in Seattle, covering all things technology, including social media, data breaches, hackers, and more.