What you need to know about the 770-million account breach

The facts

• The “breach” is more like a collection of other breaches collected over time, many of which were already publicized separately (hence the name “Collection 1”). This is simply the first time that such a huge collection of compromised data was found being sold all in one place (check out the biggest breaches of 2018 here).
• However, the collection contains roughly 140,000,000 email addresses that Hunt and his team at Haveibeenpwned.com have never seen before (read his report here). It is possible that this data has been bouncing around the dark web for some time as the product of other smaller breaches.
• The scope of the data is really far more shocking than “just” 770 million people’s data, which is already a staggering number. According to Hunt, it includes “1,160,253,228 unique combinations of email addresses and passwords” and “21,222,975 unique passwords.”

Are you vulnerable?

You can use this tool to check if your password has been breached. It browses multiple databases, including those used by HaveIBeenPwned.

What to do if you’ve been compromised

Step 1 is to change your password for any email addresses that have been compromised or to change your passwords for any of your accounts that used the password that has been compromised. You can use these tips to create a strong password or use this strong random password generator.

The next steps will depend on the type of account that was compromised. If it’s your bank account, call your bank and ask them what they can do to keep your money safe. If it’s your email, check your history for strange messages that may have been part of a scam attack.

Want to read more like this?

Get the latest news and tips from NordVPN

Subscribe

Subscribe

You've successfully subscribed to our newsletter!

Email is invalid

Subscribe

We won't spam and you will always be able to unsubscribe