Skip to main content

Data breach compromises 773 million records, 21 million passwords

A given aspect of digital life is learning how to deal with situations in which you data becomes compromised; this is a fact that many individuals will have to deal with after the discovery of a data breach containing more than 773 million records. Discovered by security research and owner of Have I Been Pwned, Troy Hunt, the assemblage of documents is known as Collection No. 1 after it was found publically available online.

According to Hunt, the existence of Collection No. 1 was brought to his attention after multiple individuals reached out alerting him to its presence on the cloud storage site, Mega. When available, the massive gathering of data was spread across 12,000 separate folders and left a footprint of 87GB. Even after Mega had removed the data from its servers, another one of Hunt’s contacts was able to point him to a popular hacking forum where the data was being distributed.

The digital files contain more than 773 million records with the number of unique passwords being a little over 21 million. The reduction in numbers comes after stripping away unusable data and passwords that were still hashed, or encrypted. The smaller reduced number that represents compromised passwords should yet not be passed over as insignificant, even though it may seem to be so when correlated with the original leaks.

There are still over 21 million sets of data, emails coupled with passwords, that are now available for the taking. Worst of all, the data wasn’t sold at an auction; it was made publically available to anyone — no hacking or data skills required. When such a disaster strikes how do you protect yourself and your online identity?

Begin by checking with Hunt’s website, Have I Been Pwned, there you can type in email addresses and discover if they have been compromised at one point or another by a breach. After adding the passwords found in the most recent breach of Collection No. 1, Have I been Pwned now contains over 551 million different values to check your personal data.

Users should also follow secure password creation tips when creating new accounts including using complex alphanumeric passwords that are unique to each account and enabling secondary security features such as two-factor authentication. For tips and tricks on creating more secure passwords, be sure to follow our online guide.

Editors' Recommendations

Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…
Hackers just stole LastPass data, but your passwords are safe
A physical lock placed on a keyboard to represent a locked keyboard.

The developers behind password management software LastPass have just shared some concerning news: Bad actors were recently able to access “elements of our customers’ information” in a recent security breach.

It’s the second time in just a couple of months that LastPass has suffered a security incident, and it appears the two events are directly linked. That’s because LastPass’s developers say that the unauthorized party was able to access customer data “using information obtained in the August 2022 incident.”

Read more
Major tax services are sending your data to Meta and Google
fake irs emails are delivering dangerous new malware this tax season 1040 form being filled out

A new report claims that Meta's tracking Pixel has been used to collect your financial information when using popular tax filing services to send in your return. This is disturbing news for taxpayers that likely assumed these online tax services were keeping such information locked up securely.

The types of data collected vary but are said to possibly include your filing status, adjusted gross income (rounded to the nearest thousand), and the amount of your refund (rounded to the nearest hundred). This information would be quite useful in targeting advertising to those with disposable income and help determine which people to target when tax refunds arrive. As if this wasn't bad enough, your name, phone number, and the names of dependents such as your children are being obfusticated then sent to Meta by some tax filing services. According to the report by The Markup the obfustication is reversible.

Read more
Microsoft data breach exposed sensitive data of 65,000 companies
A depiction of a hacker breaking into a system via the use of code.

Microsoft servers have been subject to a breach that might have affected over 65,000 entities across 111 countries, according to the security research firm, SOCRadar.

SOCRadar claims that it shared with Microsoft its findings, which detailed that a misconfigured Azure Blob Storage was compromised and might have exposed approximately 2.4TB of privileged data, including names, phone numbers, email addresses, company names, and attached files containing proprietary company information, such as proof of concept documents, sales data, product orders, among other information.

Read more