(ZH) — Security expert Troy Hunt has exposed the largest publication of breached data in history, affecting over 770 million email addresses and 21 million passwords.
The new finding, called “Collection #1” by Hunt, consists of 2.6 billion rows and is made up of “many different individual data breaches from literally thousands of different sources.”
New breach: The "Collection #1" credential stuffing list began broadly circulating last week and contains 772,904,991 unique email addresses with plain text passwords (now in Pwned Passwords). 82% of addresses were already in @haveibeenpwned. Read more: https://t.co/BAa3rbgZo4
— Have I Been Pwned (@haveibeenpwned) January 16, 2019
The database, going back as far as 2008, is a staggering 87GB in size, and comprises 1.1 billion unique combinations of email addresses and passwords – many of which have been “dehashed,” or cracked and converted back to plain text.
This is when treating the password as case sensitive but the email address as not case sensitive. This also includes some junk because hackers being hackers, they don’t always neatly format their data dumps into an easily consumable fashion. (I found a combination of different delimiter types including colons, semicolons, spaces and indeed a combination of different file types such as delimited text files, files containing SQL statements and other compressed archives.)
The unique email addresses totalled 772,904,991. This is the headline you’re seeing as this is the volume of data that has now been loaded into Have I Been Pwned (HIBP). It’s after as much clean-up as I could reasonably do and per the previous paragraph, the source data was presented in a variety of different formats and levels of “cleanliness”. This number makes it the single largest breach ever to be loaded into HIBP. –Troy Hunt
The collection was dumped on anonymous storage site MEGA before it was posted on a popular hacking forum for anyone to access.
Last week, multiple people reached out and directed me to a large collection of files on the popular cloud service, MEGA (the data has since been removed from the service). The collection totalled over 12,000 separate files and more than 87GB of data. One of my contacts pointed me to a popular hacking forum where the data was being socialised, complete with the following image: –Troy Hunt
This is from https://t.co/rDyOtQ84DR a popular cracking forum and I saw it like 10 days ago on that forum
— Utkarsh Gajera (@Utkarsssh17) January 17, 2019
Not only am I on the list, I also received a phishing email telling me one of the throwaway passwords I used together with that email. So at least in my case I know who got hacked… and who will _NOT_ be receiving a bitcoin ;D
— Ruben W. (@ruben_we) January 17, 2019
Just received my email. Plain text passwords 😰. I started using @haveibeenpwned and @1Password a while ago because of breaches like this. And so should you. There is @1Password which I recommend, but there are free alt's. Use @haveibeenpwned, you'll see why it's necessary. https://t.co/y2pl7ShWtZ
— Rutger Claes (@rutgerclaes) January 17, 2019
Thanks to the breach, it’s much easier for bad actors to attempt so-called credential-stuffing attacks in which online platforms are spammed with combinations of emails and passwords in order to gain access.
Fortunately, it doesn’t appear that credit card data or social security numbers were part of the publication.
Hunt recommends running your email through his “Have I Been Pwned” breach-notification service, though that’s entirely up to you since (with all due respect) we don’t know Hunt, and, while helpful, the site also identifies real people vs. bots.
By Tyler Durden / Republished with permission / Zero Hedge
This article was chosen for republication based on the interest of our readers. Anti-Media republishes stories from a number of other independent news sources. The views expressed in this article are the author’s own and do not reflect Anti-Media editorial policy.