您的 IP 地址: 未知 · 您当前的状态: 受保护未受保护的未知
博客 News

What you need to know about the 770-million account breach

Everybody’s talking about Collection 1, the breach of 770 million people’s login information discovered by cybersecurity researcher Troy Hunt. Find out whether you should be worried about the breach and what you can do to protect yourself.

Daniel Markuson

Daniel Markuson

Jan 18, 2019 · 2 min read

What you need to know about the 770-million account breach

The facts

  • The “breach” is more like a collection of other breaches collected over time, many of which were already publicized separately (hence the name “Collection 1”). This is simply the first time that such a huge collection of compromised data was found being sold all in one place (check out the biggest breaches of 2018 here).
  • However, the collection contains roughly 140,000,000 email addresses that Hunt and his team at Haveibeenpwned.com have never seen before (read his report here). It is possible that this data has been bouncing around the dark web for some time as the product of other smaller breaches.
  • The scope of the data is really far more shocking than “just” 770 million people’s data, which is already a staggering number. According to Hunt, it includes “1,160,253,228 unique combinations of email addresses and passwords” and “21,222,975 unique passwords.”

Are you vulnerable?

You can use this tool to check if your password has been breached. It browses multiple databases, including those used by HaveIBeenPwned.

What to do if you’ve been compromised

Step 1 is to change your password for any email addresses that have been compromised or to change your passwords for any of your accounts that used the password that has been compromised. You can use these tips to create a strong password or use this strong random password generator.

The next steps will depend on the type of account that was compromised. If it’s your bank account, call your bank and ask them what they can do to keep your money safe. If it’s your email, check your history for strange messages that may have been part of a scam attack.