photo RSMAtnWebAdRed13.jpg

Investigators Discover Largest-Ever Collection of Breached Data

By Charles Miller

This headline has been repeated so many times in recent years that it has completely lost its impact on newspaper readers; nevertheless, it is here again: last month, a respected security researcher discovered a data dump of 87 gigabytes containing more than 770 million email addresses and passwords posted to a popular hacking forum, the biggest collection of stolen data ever found in one place.

Perhaps the only people slightly pleased to read this news work for Yahoo: now the half-billion passwords that company lost in 2013 no longer constitute the biggest security breach in history.

The provenance of this most recent list of email addresses and passwords is not clear. In total there are 21,222,975 unique passwords, rendering 1,160,253,228 unique combinations of email addresses and passwords. The list was probably created from many different individual data breaches and probably doesn’t represent a single hack of a very large service. Nevertheless, there are some 140 million new email addresses on this list never before seen. That makes it likely there has been another large data breach not reported to the public. Yahoo did manage to cover up its data breach for three years before admitting the truth.

There have been so many massive hackings of user credentials in recent years that we have reached a point where if you think it has not happened to you, then it probably already has and you just don’t know it yet.

There is actually an easy way to determine if your email address—and possibly your password—have been hacked, so I urge everyone to take a few minutes to do this:

There are two trusted websites where anyone can go to quickly determine if any email address is included in one of the data breaches. While these two separate websites contain duplications of entries, experts still recommend checking against both websites’ databases.

Point your web browser to “monitor.firefox.com” and then to “haveibeenpwned.com.” Enter your email address, and the websites will search through all the known data breaches to see if your email appears on any of those stolen lists.

When I entered one of my old now-disused email addresses, the Firefox Monitor instantly reported, “Your information was part of a data breach.” That was something I already sensed without knowing the specifics, but now I know that the party responsible for my having to change my email address several years ago was Adobe. On October 4, 2013, Adobe lost the personal information including names, username, passwords, and password recovery information for 152,445,165 customers, including me.

It is well worth your time to visit the websites mentioned here to learn whether or not your information has been stolen. If so, you should immediately change your password and also be aware of what other information was stolen.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981, and now practically a full-time resident. He may be contacted at 044 415 101 8528 or email FAQ8 (at) SMAguru.com.

COMPUTERS

Comments are closed

 photo RSMAtnWebAdRed13.jpg
 photo RSMAtnWebAdRed13.jpg

Photo Gallery

 photo RSMAtnWebAdRed13.jpg
Log in | Designed by Gabfire themes All original content on these pages is fingerprinted and certified by Digiprove