A cybersecurity researcher has revealed in his blog a data breach made up of many different individual data breaches from thousands of different sources that consists of a set of email addresses and passwords totaling 2,692,818,238 rows, which he has designated as “Collection #1,” containing 772,904,991 unique email addresses along with 21,222,975 unique passwords.
The cybersecurity blogger cited a large collection of files on the popular cloud service, MEGA, which totaled over 12,000 separate files and more than 87GB of data.
The Collection #1 data reportedly was first posted to underground forums in October 2018 and is just a subset of a much larger tranche of passwords being sold online for $45.00 by a seller who self-identifies as “Sanixer.” Sanixer reportedly admits that Collection #1 was at least 2 to 3 years old and is a mix of “dumps and leaked bases.” However, he allegedly offers for sale other “password packages” that total more than 4 terabytes in size and are less than one year old.
A cybersecurity expert states that a core reason so many accounts get compromised is that far too many people choose poor passwords, re-use passwords and email addresses across multiple sites, and are not taking advantage of multi-factor authentication options when they are available. The cybersecurity expert recommends instead of thinking about passwords, consider using unique, lengthy passphrases — collections of words in an order you can remember — when a site allows it. In general, a long, unique passphrase takes far more effort to crack than a short, complex one.
The cybersecurity expert suggests that if you are the type of person who likes to re-use passwords, then you definitely need to be using a password manager, which helps you pick and remember strong and unique passwords/passphrases and essentially lets you use the same strong master password/passphrase across all Web sites.
The cybersecurity expert further suggests that you go to twofactorauth.org and to see if you are taking full advantage of multi-factor authentication at sites you trust with your data. Multi-factor authentication helps because even if hackers manage to guess or steal your password just because they hacked some Web site, that password will be useless to them unless they can also compromise that second factor — be it your mobile device or security key.
If your business suffered financial or other significant harm due to a cybersecurity breach in the United States, email us at firstname.lastname@example.org or telephone us toll-free in the United States at 800-756-2143 to discuss whether your cyber security breach matter may be appropriate to be handled on a contingency basis.
BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation