The huge ‘Collection #1’ data breach is only a small part of much larger hacker dataset

Stuff those credentials.
Stuff those credentials.

Image: ambar del moral / mashable

I guess they wouldn’t have numbered it if it was the only one. 

On Jan. 16, security research Troy Hunt uploaded a massive cache of leaked emails and passwords to his invaluable website have i been pwned. The 87GB dataset, dubbed “Collection #1,” was admittedly years old, and had been passed around by hackers for some time now. Still, the sheer scale of it — containing over 772 million email addresses — turned heads. Hold onto your digital butts, because as Krebs on Security reports, you ain’t seen nothing yet. 

According to Krebs, the Collection #1 data breach is, unsurprisingly, part of a much larger collection of stolen online credentials being sold online. And, taken as a whole, it dwarfs Collection #1’s size. 

Just how big are we talking? According to the hacker allegedly selling access to the data who communicated with Krebs over Telegram, the entire data set of email addresses and passwords comes close to 1TB. Brian Krebs, the infosec journalist behind Krebs on Security, tweeted a screenshot purportedly depicting a page listing the data for sale. 

In addition to the 87GB Collection #1, there’s a 526GB Collection #2, a 37GB Collection #3, a 178GB Collection #4, a 42GB Collection #5, and two other folders totaling an additional 126GB worth of credentials.

The seller told Krebs that, in total, they had close to 4TB of so-called password packages. Yeah, that’s a lot. According to the image above, the “Price for access lifetime” is only a cool $45. 

So your email, along with one or more passwords to various throwaway online accounts you’ve used and discarded over the years, is likely being traded on the dark web. What does this mean for you?

Well, if you’re smart about your online security, probably not too much immediately. Assuming you use unique passwords for each account online — and you definitely should — any of your passwords contained in the dataset would only gain a hacker access to one specific online service. Like, say, your old Tumblr account. And, if you use two-factor authentication, you’re likely in the clear. 

However, all this goes out the window if a hacker gets access to your main email account and can initiate password resets. And if the email account in question just so happens to share a password with your now-defunct Neopets account or whatever? You might legit be in trouble. Consider getting a password manager, and make sure your email has a unique password and 2FA. 

And then go about your normal online business, comfortable in the knowledge that your personal data is being sold to hackers for the low, low price of $45. 

Cms%252f2019%252f1%252f02ad2b2e a5e5 bb49%252fthumb%252f00001.jpg%252foriginal.jpg?signature=swq umrm8u9ztlnv1pvstaxqdqa=&source=https%3a%2f%2fvdist.aws.mashable



Source link

more recommended stories

  • Instagram can’t stop flood of grisly photos from Bianca Devins’ murder

    Instagram users are stepping up to.

  • SanDisk microSDXC card for Nintendo Switch for under £18

    Just to let you know, if.

  • New York City blackouts always bring the wildest photos

    It’s rare to catch New York.

  • Alexandria Ocasio-Cortez ‏joins chorus of facial recognition critics

    Alexandria Ocasio-Cortez knows what’s coming down.

  • Netflix’s ‘Point Blank’ fails Frank Grillo and Anthony Mackie: Review

    The following is a spoiler-free review.

  • Super Mario Party, Breville Espresso Maker, Beats Solo3, and more deals for July 12

    For all you Nintendo Switch owners,.

  • ‘The Lion King’ is a dutiful recreation of a beloved classic: Review

    There’s nothing really wrong with the.

  • ‘Stranger Things’ Monopoly game available for pre-order

    Just to let you know, if.

  • Lyft self-driving cars offer tactile maps, diagrams for blind riders

    Aptiv’s self-driving cars on the Lyft.

  • PS4 games, Sony speakers, Philips juicers, Logitech headsets, Kenwood stand mixers, and more on sale for July 9 in the UK

    Here’s some good news for anyone.

  • Watch Gordon Ramsay teach Lil Nas X how to make a panini

    Lil Nas X is a bonafide.

  • Vets treat ‘exotic’ bird, realize it’s just a seagull covered in curry

    An orange bird saved by passersby.

  • Why that devastating finale is a fake out

    This post contains spoilers for Season.

  • 10 deals on cool gadgets that’ll help you stay organized

    Just to let you know, if.

  • Genius creates a ‘Simpsons’- inspired steamed hams level using ‘Mario Maker 2’

    Proving there is no end to.

  • Apple works to resolve iCloud issues after outages reported

    Reports of iCloud outages made the.

  • Hey drivers, use this to discover how much Uber and Lyft take from you

    Uber and Lyft keep changing how.

  • The hard truth about California’s massive tree die-offs

    The number, so far, is over.

  • This Frigidaire retro mini fridge is on sale for $119 at Walmart

    Just to let you know, if.

  • iPhone game helps heart surgeons save lives

    Sam Glassenberg is no doctor, but.

  • Revolut launches new, effortless way to donate to charities

    Revolut is a UK-based financial services company.

  • This Amazon Web Services online course could help you kick off a new career

    Just to let you know, if.

  • Stormzy’s Glastonbury Festival set featured a badass BSL interpreter

    The U.K. grime star Stormzy staged.

  • Second U.S. city passes ban on facial recognition tech

    Image: Leon Neal/AFP/Getty Images Michael Kan.

  • Marianne Williamson’s oddball debate answers have made her into a meme

    If you found yourself thinking, “Who.

  • World cup soccer player Jessica McDonald being reunited with her son is super heartwarming

    If you haven’t cried yet today,.

  • JBL Pulse 3 waterproof speaker is on sale for $50 off at Walmart

    Just to let you know, if.

  • Gritty surprises kid with custom Gritty prosthetic leg

    Gritty is so many things, but.

  • Microsoft’s foldable Surface could support Android apps

    ““““`Microsoft’s next Surface could be unlike.

  • Elon Musk’s tweet about Mars is confusing the internet

    A few weeks ago, U.S. president.

  • The fat bear cams are back in business for 2019

    It’s high time to devour 4,500-calorie.

  • Future air travel at the Paris Air Show looks high-tech and autonomous

    While everyone on the ground is.