The Collection #1 Data Breach

posted in: Uncategorized | 0

In case you have not yet heard, a huge collection of 773 million email addresses and passwords from up to 2000 data breach sources that is circulating among the bad guys. It’s referred to as Collection #1. Chances are that you’re in it somewhere.

You may have already started getting messages saying that your email account has been hacked, malware has been loaded on your computer, and your data will be destroyed or encrypted unless you pay a ransom. Most of that is probably not true so don’t panic. I’m getting such ransom notes about one of my email addresses. Collection #1 has a years-old password for it so the bad guys are bluffing.

You may have already started getting messages saying that your email account has been hacked, malware has been loaded on your computer, and your data will be destroyed or encrypted unless you pay a ransom. Most of that is probably not true so don’t panic. I’m getting such ransom notes about one of my email addresses. Collection #1 has a years-old password for it so the bad guys are bluffing.

If they have your email address and password, they’ve been able to read your emails and send emails as though they are you. But to infect your personal computer, they’d have to get the login to your PC or trick you into downloading malware or trick you into clicking on malware in an email attachment.

Update your backups of your data. Change your passwords and try not to use the same password for multiple things. Use an encrypted data vault program if you have too many passwords to remember. (KeePass is a popular free one. I prefer to buy B-Folders instead, on my devices. I would not keep my vault in the cloud.)

I’m providing two links you may need. The first is a website where you can check whether your email details got caught in a data breach. I subscribe to a free notification service from this website, so I get email letting me know whenever they detect one of my addresses in a breach. For Collection #1, there is also a lookup in this website where you can enter your passwords–by themselves, not together with the email addresses they go with–and the website will tell you whether the password is in Collection #1. If it is, change that password everywhere you have used it.

https://haveibeenpwned.com

The second link is to a reasonably good article about this particular collection.

https://www.sciencealert.com/the-biggest-data-breach-yet-spills-773-million-email-addresses-21-million-passwords

Feel free to share this.

Leave a Reply

Your email address will not be published. Required fields are marked *

nineteen − = twelve