Collection #1 Data Breach: advice on passwords

Collection #1 Data Breach: advice on passwords

3/4 billion email addresses have been affected by the Collection #1 Data Breach. The email addresses together with passwords were uncovered in a number of files on the mega.nz cloud service (they have since been removed) and analysed by Troy Hunt for the Have I Been Pwned? service.

This is a service, free to sign up to, that will alert you if your email address appears to be part of a data breach. If you are alerted then you can decide whether you want to change your email password.

Troy Hunt has written a good explanation of the breach here: https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/

It's worth reading. But if you do nothing else, you should:

  1. Sign up to Have I Been Pwned
  2. Implement 2 factor authentication on your email accounts
  3. Make sure you are using a strong password - ideally 12 characters including letters numbers and capital letters and with no dictionary words or names included, remembering that hackers know that letter substitution happens e.g. @ is substituted for a. You should also consider using a password manager.

In response to the breach, Cyber Security specialist at ESET, Jake Moore says: “There has never been a better time to change your password. It is quite a feat not to have had an email address, or other personal information breached over the last decade. If you’re one of those people who think it won’t happen to you, and then it probably already has.

"Password managing applications are now widely accepted, and they are much easier to integrate into other platforms than before. Plus, they help you generate a completely random password for all of your different sites and apps. And if you’re questioning the security of a password manager, well they are incredibly safer to use than reusing the same three passwords for all your sites.”

Copyright Lyonsdown Limited 2020

Top Articles

SITA data breach compromised data associated with multiple international airlines

SIT, has revealed it recently suffered a major cyber attack that compromised information belonging to customers of several airline companies.

COVID-19-forced work shifts prompting shifts in IT priorities

IT and security teams are changing their priorities to adjust with remote work to ensure productivity amidst COVID-19 related lockdowns.

Tips for building a cyber-security war room

Cyber security war rooms are essential but you need the right team of decision makers to be involved & you need to practice a variety of scenarios

Related Articles