This 87 GB data collection contains 773 million emails and 21 million passwords

Barely three weeks into the new year and it looks like we’ve already been subjected to one of the biggest data breaches ever. More than 700 million emails and 21 million passwords have been found floating on the web.

Security researcher Troy Hunt reported that he has discovered a massive collection of suspicious files on the file hosting site MEGA. The 87 GB collection had about 12,000 different files, which Hunt says have since been removed from the site but are still being circulated on an unnamed hacking forum. The report suggests that it contained no less than 2.7 billion records. In a blog post, Hunt confirms, “the unique email accounts totaled 772,904,991 and there are 21,222,975 unique passwords.”

Consequently, Hunt has started to maintain the ‘Have I been pawned’ website that shows if an email appears in a breach.

“What I can say is that my own personal data is in there and it’s accurate; right email address and a password I used many years ago. In short, if you’re in this breach, one or more passwords you’ve previously used are floating around for others to see,” Hunt added.

Hunt gave the gigantic data breach the title “Collection #1”. In the past, we have witnessed quite a few data breaches which leak email addresses and passwords to the dark web but nothing of this magnitude except for the Yahoo incident which affected 3 billion customers. This recently discovered breach is perhaps a sum of numerous unrevealed hacks. However, currently, the origins of this leak are unclear.

Now the biggest risk involved in the current circumstances is the affected people, unaware of the leak might be reusing the same login credentials across multiple sites, thereby allowing hackers to access their accounts. Since email and password are the only two variables required to take-over an online account, perhaps it’s time for everyone to change their passwords.

Related Posts