What an earthquake in Internet security: just recently, around 1.16 billion combinations of email addresses and associated passwords were published via the Mega cloud platform and discovered by Australian security researcher Troy Hunt. In the meantime, the data on the Mega platform has been deleted again – but numerous copies are circulating on the Internet! The logical consequence is that we should now all check our own e-mail addresses.
The latest monster data leak with the cryptic name “Collection #1” consists of 12,000 files with a volume of 87 gigabytes of data and more than 2.7 trillion entries. This includes 772 million different email addresses and 21 million passwords. This is probably the most gigantic collection of hacked data ever released.
And the drama continues: Already now the Darknet Collection #2-5 is announced. It seems that more than 2 billion email addresses are affected. This increases the probability that you yourself will be affected by a stolen password many times over.
Collection #1: How can I verify my email address?
The good news is: All Collection #1 data is already integrated into our database and you can immediately check your own email address with our Identity Inspector software. Be sure to react immediately to effectively protect your online accounts from abuse by cyber criminals. Act now! Test our Identity Inspector!
What to do if your data is affected by a data leak?
Immediately change the passwords for the services displayed by our software.
If your data appears in “Collection #1”, it is not yet clear where this data comes from. You should change all passwords that belong to this mail address. As a general rule, please always use different passwords. You can find tips for creating secure passwords in our blog on our website: https://engelmann.com/en/security/how-secure-is-my-password/
Steep pattern for hacker
The numerous copies of past data leaks, not just the current collection of Collection #1, pose a real problem. Much of the data is still up to date and the passwords are still active.
The consequences of this could be clearly seen in January 2019. Then it became known that the hacker Orbit had spied on hundreds of German politicians and celebrities. Among the published documents were copies of identity cards, Word and PDF documents as well as chat processes. All these data were probably obtained via accounts whose passwords had already been published a long time ago. Especially for such accounts you should now check your own e-mail address.
Of course you can also take a radical approach to your own protection and remove old burdens. In the more than 25 years since the Internet was founded, you have certainly created numerous accounts. And, hand on heart: you have often used identical passwords. Right guess? However, many of these services from the childhood days of the Internet are now idle – for example from Yahoo and AOL. So it might make sense to simply deactivate such old and unused accounts. Just clean up thoroughly – even in your digital world! If that’s going too far for you, at least let our Identity Inspectorcheck your e-mail address now!
Check your e-mail address now and beat criminals to the punch.
Of course, databases like Collection #1 or the announced Collection #2-5 also have their appeal for criminals. Recently, for example, blackmailing e-mails have been circulating that begin with “I know that your password is something#k1ljk”. The sender claims to be in possession of compromising videos and only a payment in Bitcoins can prevent publication. The videos didn’t exist, of course, the email is an empty threat. But also such blackmail comes from data leaks. And seem to be worth it, because otherwise the spammers would quickly stop. If you are insecure yourself, you should simply check your e-mail address with the Identity Inspector – and then sit back and relax.
Comparison of data leaks shows high match of passwords
One of the main problems of such data leaks is that many users use the same password for many or even all accounts. The attackers then simply try out the passwords they find at other popular services and they come into possession of private data. There are many prominent examples and even Mark Zuckerberg got it in the past, because he allegedly used the password “dadada” several times. Moreover, the password is really not a good idea.
Hey Mark, our Identity Inspector is just right for you, too. 🙂