January 17, 2019 at
While hacking attacks, malware infections, and data theft were a common part of the internet ever since its beginning, many argue that the situation regarding online privacy and security has never been as bad as it is today. It has been only a bit over two weeks since the new year started, and security researchers have already reported one of the biggest data breaches since Yahoo data leak of 2013.
According to reports made by a security researcher Troy Hunt, a massive data leak has recently exposed over 773 million email addresses, as well as around 21 million passwords. Hunt stated that he was receiving reports of a massive group of files which were located on MEGA. The file group consists of around 12,000 individual files, with a size of 87GB.
While MEGA has removed the files since the reports started coming in, Hunt uncovered another location where the files exist as well — a hacking forum which he decided not to address by name.
While small compared to the Yahoo data leak which exposed around 3 billion accounts in 2013, this leak is still one of the largest ones in recent years. And, while it is still a serious threat — as scammers and hackers might use exposed emails for conducting phishing attacks — the situation is still not as bad as it could have been, since there is no sensitive data involved, apart from passwords, which can easily be changed.
Check if your email is on the list
Everyone who fears that they might be affected by the email leakage can easily check if their email has ever been compromised by going to the website Have I been Pwned. Thanks to Hunt, the list of emails that were affected in this incident is now included into the website’s massive database, which will allow anyone to check how exposed their address is simply by typing it into the search box.
Those who find that their email has been compromised are advised to change their password as soon as possible. The website will also provide users with information in which data leakage was their email originally affected, as well as statistics regarding the hacking incidents that the website is aware of, such as the number of hacked sites, the number of exposed addresses, and more.
Users are also advised not to use the same password for multiple accounts, as well as to use long, complex passwords which contain different symbols, letters, numbers, and alike. Alternatively, it is possible to use passphrases on some websites, although said phrases should not be easy to guess, so a collection of several random words is typically the best way to go about it.