Menu

The Latest / Data Security News

Enormous Leaked Account Database Posted Online

January 29, 2019

A leaked account database has been circulating online this month. It’s not the accounts compromised in one hack, but a database that includes emails and passwords collated from hundreds if not thousands of smaller hacks.

Enormous Leaked Account Database Posted Online

What’s in the leaked account database?

The leaked account database has been dubbed as collection #1. It’s been bought to the wider public’s attention by Troy Hunt, founder of the website, ‘Have I been pwned?’. It’s a site used by many people to assess whether their accounts have been compromised in hacks.

This collection #1 collates around 773 million email addresses and more than 21 million passwords in one database. Unfortunately, it wouldn’t be a shock if you were in there, whoever you are, at this point.

It was posted on the MEGA cloud service originally but has been taken down now. No doubt the data has been downloaded and shared elsewhere though. The data would have already been out there, but hackers getting their hands on a database that covers so much in one place is obviously undesirable. Stay vigilant out there and be on guard is our advice.

Leaked account database danger

The leaked account database poses a danger to all those involved, especially if you are using the same password from account to account. First off, make sure you are not doing that. And secondly, you can use the ‘Have I been pwned?’ website to check if your email or password has been compromised in the past. If it has, be sure to update passwords across your digital life were appropriate.

You need to start using unique and complex passwords, but what would be more desirable, is organizations adopting different ways of verifying identity. Clearly passwords at this point are a liability and can’t be properly defended.

Here at Global Data Sentinel, we opt for multi-factor authentication that uses a biometric component to defend your accounts and systems. A biometric can’t be phished for or stolen in the same way a password can. And multi-factor authentication ensures if one part of your log-in should become compromised, hackers don’t immediately have access. Find out more.