The biggest data leak in history: 773 Million Email Addresses And 21 Million Passwords Exposed - Techfint | Find the Technology

Friday, January 18, 2019

The biggest data leak in history: 773 Million Email Addresses And 21 Million Passwords Exposed

The biggest data leak in history: 773 Million Email Addresses And 21 Million Passwords Exposed

In our blog we have already pointed out some security measurements to keep your data safe in the internet. we have recommended some basic safety practices in our article What you should know about Personal Privacy on the Internet . How not to use the same password in all the sites we use, or use measures such as two-step authentication. But sometimes that is not enough. If an attacker gets directly into the database of the web we use, we probably can not do much about it.


data breach, data leak, data breaches 2018

The biggest data breach in the history


Now repeat that, billions of times. In particular, 2,692,818,238 times. That is the number of records that has the "Collection # 1", the database that has just been released on the Internet by unknown sources; and that stores an absurd amount of email addresses and passwords.

We are facing the biggest data leak in history; they are so many data, that they occupy nothing less than 87 GB of storage by themselves. This has been revealed by security expert Troy Hunt, who has had the daunting task of reviewing the database; and check to what extent we should fear for our safety. Hunt received the database anonymously through a MEGA account, the file sharing service; Although it has already been deleted from the original account, it is inevitable that it is already being shared throughout the network.





The numbers in Collection # 1 are a little dizzy. The database is composed of 2,692,818,238 entries, although in reality, we are facing a kind of Frankenstein monster. The data comes from thousands of leaks from different sites and services; The creators of this database have gathered the "booty" of these attacks in one place.

This brings us to the second number: in the database, there are more than one billion unique combinations of mail and password; therefore, more than one billion entries are repeated, probably because users have used the same password in different sites attacked.

Hundreds of millions of filtered email addresses and passwords


data breach 2019, data leak


The only positive thing is that some of these data can not be used, or at least not easily; in some cases, the hackers that obtained the data initially sabotaged or encrypted them, and even in some entries only compressed files are saved.

Once the initial cleanup was done, Troy Hunt discovered more than 770 million unique email addresses . This is the largest amount of emails leaked at one time. With such a quantity, it is very likely that if you read these words, this leak has affected you. The other important fact is that more than 21 million unique passwords have been found; This really reveals the extent to which we repeat the password in different services.

Of course, there is a margin of error for all these figures. These hackers are not precisely characterized by being clean and tidy, and there are many entries with rare characters, and even traps in the form of SQL strings (in case someone tried to add this database to your system). Some passwords are also "hashed", have been passed by algorithms that are the first line of defense in a service; however, that does not mean that they have been properly encrypted, and it is usually possible to obtain the contents of a hash.

How to know if our data has been filtered



This database is already being shared in hacking forums, as well as in Dark Web sites. Taking into account the figures we are talking about, it is very likely that you are affected. Fortunately, there is a sure way to know it.

data breach consequences, data breach news


And is that Troy Hunt is also responsible for Have I Been Pwned , one of the best security websites and we have already recommended other times. This web is very simple, we just have to enter our email address, and the web will tell us if it appears not only in the list of Collection # 1, but also in other leaks of recent years.

data breach 2019, data leak


In addition, we can also use Pwned Passwords to buy if our password is being shared. This does not always work, since it is possible that the password has been stored encrypted or "hasheada"; but it is important to check it also.

If our mail appears in the database, a warning will appear and we will receive some advice. The most important thing is to change the password of all the sites we use ; or use applications or services to generate new, more secure passwords. It is a long and tedious process, but the magnitude of the filtration is such that there are not many alternatives at the moment.

Also read ;

∎    What you should know about Personal Privacy on the Internet
∎    Best 5 Alternatives to Google based on Privacy
∎    Privacy Badger | Best Anti tracking extension
∎    Big data leak | Google shuts down google plus



Disclaimer: This post may contain affiliate links that earn me a small commission, at no additional cost to you. I only recommend products I personally use and love, or think my readers will find useful.
Read other related articles
© Copyright 2019 Techfint | All Rights Reserved