Monster "Collection #1" breach exposes 773 M emails and 21 M passwords

Data breaches have been kind of norm for the past few years but the most recent one revealed yesterday is the mother of all data breaches.

The massive data breached named “Collection #1" has exposed emails and passwords of ..wait for it ........ 773 Million emails and 21 Million passwords of users online. The “Collection #1" data breach is the largest one by volume and has exposed 772,904,991 unique emails and 21,222,975 unique passwords. This is the largest one after the Yahoo data breach that exposed all 3 billions of its users.

Initially uploaded to the popular cloud service MEGA and later posted to a popular hacking forum, Collection #1 is a file comprising of 12,000 separate files that contain 87GB of data. This colossal breach has raised some serious questions regarding online security.

Collection #1 was first discovered by security researcher Troy Hunt who runs the site "Have I Been Pwned (HIBP)" which allows users to see if they've been hacked. The emails and passwords combination exposed, can be used by hackers to compromise users services ranging to various sites and services.

So that's the big one and all the details are in that blog post. This also means an updated Pwned Passwords which has gone from 517M records to 551M so there's a bunch of new ones in there https://t.co/pNWbgtnjiz

— Troy Hunt (@troyhunt) January 16, 2019

Since the first leak Troy Hunt has loaded 772,904,991 unique emails to the site. According to him more than a billion (1,160,253,228 to be exact) has been exposed including emails and passwords combination.

The troubling thing is the databases contain “dehashed” passwords, which means the methods used to scramble those passwords into unreadable strings has been cracked, fully exposing the passwords. Troy said that his own account has been compromised too as he found out the password he uses few years back was in the files and it was accurate. Troy said the following in his blog post:

“Right email address and a password I used many years ago. Like many of you reading this, I've been in multiple data breaches before which have resulted in my email addresses and yes, my passwords, circulating in public.”

So what does this all account for the common users who are online? According to Hunt, it means compromised email and password combos are more vulnerable for a practice called credential stuffing. Basically, credential stuffing is when breached username or email/password combos are used to hack into other user accounts. This could impact anyone who has used the same username and password combo across multiple sites. Since Collection #1 is a huge database with more than 2.7 billion combos, it is troubling case.

Should you be worried?

Absolutely. This is a huge data breach and has been dubbed "Mother of all breaches", so you should really give this a look and find out if your emails or passwords has been compromised.

According to security reporter Brian Krebs (via Gizmodo)  the  Collection #1 trove is just a single offering from a seller who claims to have at least six more batches of data. Even though the data is said to be 2-3 years old it can still be valuable to hackers.

The sale of some 773M email addresses and 21M unique passwords on a hacking forum has been dubbed the biggest ever. People are freaking out. But according to the guy selling this, it's neither new nor the biggest. It's about 2-3 years old https://t.co/TQxoSwpfSu pic.twitter.com/kpePzoOIqb

— briankrebs (@briankrebs) January 17, 2019

How can I know if I have been hacked and what to do if I have been?

If you are concerned (you should be) that you might have been hacked you can head over to HIPB and enter your email and password. 

Turns out I have been Pwned.

My own email and password have been exposed. Though the password was one I used over 2 years ago. This is exactly as Troy said. 

Hunt says in his blog: “Whilst I can't tell you precisely what password was against your own record in the breach, I can tell you if any password you're interested in has appeared in previous breaches Pwned Passwords has indexed. If one of yours shows up there, you really want to stop using it on any service you care about.” Hunt suggest to use 1Password's Watchtower feature to check your multiple password in one go against HIPB.

If you have been hacked you can do the following to stay safe and avoid future compromisation:

• First sensible to do will be to change the password immediately even if the password hasn't been compromised.
• Secondly, use two factor authentication. Meaning use your second email or your numbers to authenticate your password while logging in sites.
• Last but not the least, use password managers like Lastpass, 1Password or Dashlane to create complex passwords and phrases which will provide strong security.

If you follow these steps you can drastically reduce the chances of being safe and avoiding any future breaches.