This article is from the source 'rtcom' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.rt.com/news/449028-largest-data-breach-in-history/

The article has changed 2 times. There is an RSS feed of changes available.

Version 0 Version 1
Over 770 million emails addresses shared online in largest data breach in history Over 770 million email addresses shared online in largest data breach in history
(35 minutes later)
A security researcher has blown the lid off the largest data breach in history as over 770 million emails and 21 million unique passwords have been exposed, eclipsing the Equifax and Yahoo hacks by a significant margin.A security researcher has blown the lid off the largest data breach in history as over 770 million emails and 21 million unique passwords have been exposed, eclipsing the Equifax and Yahoo hacks by a significant margin.
The breach is being dubbed ‘Collection #1’ and contains a raw data set of email addresses and passwords totalling 2,692,818,238 rows from potentially thousands of different sources, according to digital security expert Troy Hunt.The breach is being dubbed ‘Collection #1’ and contains a raw data set of email addresses and passwords totalling 2,692,818,238 rows from potentially thousands of different sources, according to digital security expert Troy Hunt.
In total, there are 1,160,253,228 unique combinations of email addresses and passwords contained within over 12,000 separate files, constituting a truly staggering 87GB of data (for context, this is raw text, not 4K video).In total, there are 1,160,253,228 unique combinations of email addresses and passwords contained within over 12,000 separate files, constituting a truly staggering 87GB of data (for context, this is raw text, not 4K video).
In terms of sheer volume, it is being considered the largest data breach in history, second only to Yahoo's high profile cyber security gaffes which affected billions of users, though it is an aggregate of potentially hundreds if not thousands of breaches.In terms of sheer volume, it is being considered the largest data breach in history, second only to Yahoo's high profile cyber security gaffes which affected billions of users, though it is an aggregate of potentially hundreds if not thousands of breaches.
“It just looks like a completely random collection of sites purely to maximize the number of credentials available to hackers,” Hunt told WIRED. “There’s no obvious patterns, just maximum exposure.”“It just looks like a completely random collection of sites purely to maximize the number of credentials available to hackers,” Hunt told WIRED. “There’s no obvious patterns, just maximum exposure.”
The breach contains previously encrypted passwords that have been “dehashed” or cracked and converted back to plain text and includes files allegedly from as early as 2008. The information wasn't even for sale but was merely dumped on MEGA and subsequently on a popular hacking forum, free for anyone with scroll and click capabilities to review.  The breach contains previously encrypted passwords that have been “dehashed” or cracked and converted back to plain text and includes files allegedly from as early as 2008. The information wasn't even for sale but was merely dumped on MEGA and subsequently on a popular hacking forum, free for anyone with scroll and click capabilities to review.  
As a result, there is a greatly increased risk of so-called credential-stuffing attacks in which hackers spam websites with various combinations of emails and passwords, including – but not limited to – services like Netflix, Facebook or other social media accounts, and online services. The breach doesn't appear to contain social security or credit card data.As a result, there is a greatly increased risk of so-called credential-stuffing attacks in which hackers spam websites with various combinations of emails and passwords, including – but not limited to – services like Netflix, Facebook or other social media accounts, and online services. The breach doesn't appear to contain social security or credit card data.
Hunt recommends checking your email addresses on the free service provided by Have I Been Pwned.Hunt recommends checking your email addresses on the free service provided by Have I Been Pwned.
If you are included in the breach, which is extremely likely, he recommends using a password manager or even going old school and employing *gasp* a pen and paper to store your passwords offline. Hack that!If you are included in the breach, which is extremely likely, he recommends using a password manager or even going old school and employing *gasp* a pen and paper to store your passwords offline. Hack that!
“It might be contrary to traditional thinking, but writing unique passwords down in a book and keeping them inside your physically locked house is a damn sight better than reusing the same one all over the web,” Hunt wrote in his blog post on the breach.“It might be contrary to traditional thinking, but writing unique passwords down in a book and keeping them inside your physically locked house is a damn sight better than reusing the same one all over the web,” Hunt wrote in his blog post on the breach.
A lucky few are claiming to have escaped the breach, but the odds are not in your favor.A lucky few are claiming to have escaped the breach, but the odds are not in your favor.
Think your friends would be interested? Share this story!Think your friends would be interested? Share this story!