Collection #1 Data Breach: advice on passwords

Collection #1 Data Breach: advice on passwords

3/4 billion email addresses have been affected by the Collection #1 Data Breach. The email addresses together with passwords were uncovered in a number of files on the mega.nz cloud service (they have since been removed) and analysed by Troy Hunt for the Have I Been Pwned? service.

This is a service, free to sign up to, that will alert you if your email address appears to be part of a data breach. If you are alerted then you can decide whether you want to change your email password.

Troy Hunt has written a good explanation of the breach here: https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/

It’s worth reading. But if you do nothing else, you should:

  1. Sign up to Have I Been Pwned
  2. Implement 2 factor authentication on your email accounts
  3. Make sure you are using a strong password – ideally 12 characters including letters numbers and capital letters and with no dictionary words or names included, remembering that hackers know that letter substitution happens e.g. @ is substituted for a. You should also consider using a password manager.

In response to the breach, Cyber Security specialist at ESET, Jake Moore says: “There has never been a better time to change your password. It is quite a feat not to have had an email address, or other personal information breached over the last decade. If you’re one of those people who think it won’t happen to you, and then it probably already has.

“Password managing applications are now widely accepted, and they are much easier to integrate into other platforms than before. Plus, they help you generate a completely random password for all of your different sites and apps. And if you’re questioning the security of a password manager, well they are incredibly safer to use than reusing the same three passwords for all your sites.”

Copyright Lyonsdown Limited 2021

Top Articles

The expert view: Accelerating the journey to the cloud

At a virtual seminar on 9 June 2021, sponsored by managed IT service provider Sungard Availability Services, eight senior IT decision makers gathered to discuss how organisations can accelerate their…

Ransomware attacks and the future role of the CISO - teissTalk

On 18 May, teissTalk host Jenny Radcliffe was joined by a panel of four cybersecurity experts in a wide-ranging discussion that covered government actions, ransomware attacks and the future of…

Communicating a Data Breach: Best Practices

When customers trust you with their personal data, they are expecting it to be protected. This means your response to a data breach is imperative and can make or break…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]