- 7-year-old YouTuber to get his own show on Nickelodeon 1 Month Ago
- ‘Hipster’ jobs are trending, and Indeed says the market is booming Today 3:33 PM
- Trump meme removed after copyright complaint Today 2:15 PM
- Facebook pushes back against moderators complaining about ‘Big Brother’ environment Today 12:46 PM
- Twitter hid post from an account linked to Iran’s Supreme Leader Today 10:17 AM
- How to stream Leo Santa Cruz vs. Rafael Rivera for free Today 8:00 AM
- ‘Larry Charles’ Dangerous World of Comedy’ finds the balance between tragedy and comedy Today 7:30 AM
- How to stream Michael ‘Venom’ Page vs. Paul Daley for free Today 7:00 AM
- How to watch the NBA Dunk Contest 2019 online for free Today 6:50 AM
- The best new TV shows to stream this weekend Today 6:00 AM
- Bug lets Twitter save your DMs—even after you delete them Friday 7:21 PM
- Guy mansplains song to Japanese Breakfast, the female artist who wrote the song Friday 6:38 PM
- Ann Coulter’s Twitter bio links to a vulgar parody account Friday 5:22 PM
- Popular YouTube music channel gets income yanked for ‘repetitious’ content Friday 4:14 PM
- New website will endlessly generate fake faces thanks to AI Friday 3:41 PM
What you need to know about the data breach involving 773 email addresses
Josue Salazar/Flickr (CC-BY-ND)
It’s still a reminder to check your security hygiene.
A recently revealed collection of hundreds of millions of emails and passwords is being hailed as the largest data breach ever.
In a story first reported Wednesday, security researcher Troy Hunt announced that nearly 773 million unique emails and more than 21 million unique passwords had been exposed.
The seemingly unprecedented exposure, dubbed “Collection #1,” led to breathless headlines about the scale of the data. But a quick glance at Hunt’s own analysis reveals the issue to not be quite as serious as many believe.
While people may have the impression that all the credentials were obtained in a single mega-breach, the data is merely a collection of emails and passwords gathered from numerous previously known breaches.
Hunt, who runs the service “Have I Been Pwned” that allows anyone to check if their email has shown up in public breaches, even notes that more than 80 percent of the emails in Collection #1 were already known by his site.
As noted by Motherboard’s Lorenzo Franceschi-Bicchierai, “of the 22 million passwords, half were not in the database” as well.
Brian Krebs, a security expert and bestselling author, spoke with Sanixer, the hacker selling the Collection #1 data, and was told that the content was several years old.
“Sanixer said Collection#1 consists of data pulled from a huge number of hacked sites, and was not exactly his ‘freshest’ offering,” Krebs writes. “Rather, he sort of steered me away from that archive, suggested that—unlike most of his other wares—Collection #1 was at least two to three years old.”
Still, the latest breach news should remind everyone to check their digital security hygiene.
Simple steps such as obtaining a password manager and making sure to create a strong and unique password for every service you use can help minimize the damage from data breaches. Setting up two-factor authentication can also protect you even if your password is compromised.
Mikael Thalen is a freelance journalist based in Seattle, covering all things technology, including social media, data breaches, hackers, and more.