Here we go again. 773 million email address and passwords have been leaked.
Security expert Troy Hunt dropped this bombshell this week on his blog. What he calls “Collection #1” is a set of email addresses and passwords that’s being shared on the dark web. Spanning different providers, nearly three-quarters of a billion user names and 21 million passwords are making the rounds.
If you want to check to see if you’ve been exposed, Hunt has dropped the data into this website, Have I Been Pwned, to check. Hunt noted of the 2.2 million people that use the website’s free monitoring service, 768,000 were flagged in this breach alone.
Note that you will get a mild sales pitch to use a secure password program when you visit the site, but there’s no obligation.
“…people take lists like these that contain our email addresses and passwords then they attempt to see where else they work. The success of this approach is predicated on the fact that people reuse the same credentials on multiple services. Perhaps your personal data is on this list because you signed up to a forum many years ago you’ve long since forgotten about, but because it’s subsequently been breached and you’ve been using that same password all over the place, you’ve got a serious problem.” – Troy Hunt
Security experts recommend you use complex passwords, change them regularly, and consider two-factor authentication.