About 2.2 billion usernames and passwords are vulnerable. The data was made available in forums and torrents for free by hackers. Most logins have been revealed in previous leaks, including violations on Yahoo, LinkedIn, and Dropbox, but are also exposed with credentials from recent attacks.
READ: Serious error releases 21 million Internet passwords; take cover
Some believe that this is the biggest leak of private information ever seen on the Internet. The case surprised experts, as criminals often sell the data rather than publishing it for free on the web.
Leak hit more than 2 billion accounts Photo: Pound5
Want to buy a cell phone, TV and other discounted products? Meet the Compare dnetc
It all started in early January, when a database called Collection # 1, with 773 million usernames and passwords leaked, was identified by cybersecurity expert Troy Hunt. Then other researchers discovered more stolen data sets called Collections # 2 The # 5, which total 845 GB and 25 billion records. According to analysts at the Hasso Plattner Institute in Potsdam, Germany, there are many duplicate credentials, but still the second wave is almost three times the first. Packages have already circulated widely in the hacker underworld.
The size of the leak is quite significant, however, much of the old data from robberies years ago and already reported. But another new feature: 750 million logins and passwords that had not yet been released, according to the German organization. They suggest that some of the information may have been obtained through automated hacking of smaller, less popular sites.
750 million credentials reported in data leak Photo: Creative Commons / Flickr / elhombredenegro
Exposed data can be used to hack accounts from the same users across multiple services Photo: Reproduction / Paulo Alves
Using the misrepresented data, hackers can use old passwords to try to hack accounts of the same users across multiple services, taking advantage of the fact that many people repeat their keywords in multiple locations. Therefore, avoid this practice and have a different password for each account. If the problem can remember so much, an option is to use a password manager program.
You can check if you are among the people hit by the huge leak. Access the tool created by the researchers (sec.hpi.de/ilc/search), enter your email address and wait for the reply. There are also sites with a large database leaked for consultation, such as Have I Been Pwned, where you can check if your passwords have ever been compromised. If you discover any vulnerabilities, change the password on the respective site or application.
How to remove MS Outlook PST file password? Find out on the dnetc Forum.
What ransomware: five tips to protect yourself
