With nearly 22 million passwords and 773 million emails compromised by hackers in the Collection #1 database, it is time to change your password and reevaluate your online security.
You Might Be Pwned
Troy Hunt was updated that a large file of 12,000 separate files and 87GB of data deemed Collection #1 had been uploaded to MEGA and a popular hacking forum. The passwords contained in the file are “
Hunt went into detail that Collection #1 compiled emails and passwords from numerous data breaches from allegedly thousands of sources, dated all the way back to 2008. Troy Hunt immediately updated HaveIBeenPwned with Collection #1 leaked emails and passwords. Check out his site and see if your credentials have been impacted.
Compromised email and password combinations are vulnerable for a practice called Credential Stuffing. In a short, credential stuffing involves breached data, such as a username/email and password combination, to infiltrate associated accounts across multiple sites.
Collection #1 released 2.7 billion combinations; 140 million emails and 10 million passwords were new to Hunt’s HaveIBeenPwned site — in other words, they’re not from previously reported
Secure Your Digital Life
With this shocking discovery of Collection #1, we advise everyone to check HaveIBeenPwned to see if their credentials were impacted. If you see a red screen flash before you once you hit enter, it is time to change your passwords.
Create a Strong, Unique Password
We recommend you to choose a phrase and use the first letter of each word. Then use capitalization and symbols in place of letters. For example, a phrase can be: Kelly and Matt save for five vacations in the United Kingdom. A strong password from that phrase would look something like this: K&M$45vitUK. Now that’s one strong unique password!
Each password should be unique to each account, so if a hacker compromised one password they only have access to one account. By having a password manager such as LastPass, all you have to do is remember one Master password and LastPass remembers the rest as you grow your vault.
Enable Two Factor Authentication
By enabling two-factor authentication (2FA) for accounts, a code will be sent to your phone or email associated with that account. The code would need to be put in correctly in order to gain access to the account. With 2FA, an extra layer of protection is established to ensure you are the only one accessing your accounts.
Even if you do check HaveIBeenPwned and find out that you are in the clear, take a double look at your passwords and see if you can make any of them stronger against cybercriminals, especially your bank account passwords. Keep a password manager to organize all your unique passwords, and enable two-factor authentication for an extra layer of protection for your accounts. Stay safe, secure, and aware out there on the web!