Have You Been Pwned? 773 Million Email Addresses Go Public in Huge Data Leak

If you do not use a password manager and keep all your information online secured by one password, you should go and get one, an internet security researcher has warned, because your password might have been compromised in a large-scale data breach - an urgent threat in today's information society.
Sputnik

The emails and passwords of almost 773 million users have been stolen and leaked online in what has been billed as the biggest collection of breached data in history.

According to Troy Hunt, an American web security expert and Australian Microsoft regional director, the data has likely been accumulated from numerous individual data breaches "from literally thousands of different sources", rather than a massive hack of one database.

READ MORE: French Hacker Alerts Indian PM of Security Breach on His Website, Offers to Fix

The trove of emails, which comprises a total of 772,904,991 unique addresses and 21,222,975 unique passwords, has surfaced on a popular hacking forum. These email/password combinations could be used for credential stuffing, a type of hacking where an attacker injects them in an automated fashion to gain access to online services.

Kaspersky Spotted Leak NSA Missed as Spy Agency Lacks ‘Good Handle’ on Security

Troy Hunt has added the cache to his own service, Have I Been Pwned, where one can find out whether their data has been compromised in past breaches by simply checking if their email address is on the list.

While his breach-notification site cannot tell which password has been compromised, a previous or current one, the expert says the data collection is impressive enough for internet users to pay more attention to securing their accounts.

Hunt recommends using a password manager like 1Password to generate a random, unique password to secure email accounts as well as credit card services and online banking platforms. 

Discuss