Content

‘Collection 1’ breach exposes 773M unique emails, 21M passwords

The large collection of files on the MEGA cloud service that exposed nearly 773 million unique emails and 21 million unique passwords and was posted on a hacking forum, came from a number of breaches and sources, according to security researcher Troy Hunt, who dubbed the breach “Collection 1.”

Hunt, who cleaned up the data and included it on his Have I Been Pwned site, notes it has since been removed from MEGA.

"Yet again, we are seeing a breach of proportions that were unimaginable only a few years ago," said Stan Lowe, Zscaler’s Global CISO. "We are becoming immune to such incidents, accepting that this kind of thing is now part of our daily lives, and there is where the danger lies.”

Referencing Joseph Stalin, who said 'A single death is a tragedy; a million deaths is a statistic,'” Lowe maintained, “We cannot and must not become complacent in the case of such breaches, accepting that this is just another security statistic to be added to end of year reports with the headline 'The worst year ever.'”

The Collection #1 breach is composed of “a set of email addresses and passwords totaling 2,692,818,238 rows,” Hunt wrote in a blog post, explaining that the total number of unique combinations of emails and passwords is more than 1.16 billion.

This also includes some junk because hackers being hackers, they don't always neatly format their data dumps into an easily consumable fashion,” he said. 

The data includes "dehashed" passwords that Hunt said “have been cracked and converted back to plain text,” confirming that he found his own information - exposing old passwords - within the dataset. 

After receiving a tip from one of his contacts, Hunt found the “data was being socialised” on a popular hacking forum. 

Calling Collection 1 a“colossal breach,” Will LaSala, director of security solutions, security evangelist at OneSpan, said for “criminals trading assets in underground forums, data from this breach could easily be cross-referenced with information lying elsewhere to bypass authentication. For the more high-risk accounts like banking accounts, this poses a very real fraud threat.”

The breach should “highlight the need for security reach beyond the password,” LaSala said, urging those impacted to “act fast to change any reused passwords, as the exposed credentials can be used by criminals in credential stuffing attacks to cause maximum damage across multiple other accounts.”

Zscaler’s Lowe contended it’s time to “start thinking about cybersecurity differently. Our economic future depends on it." 

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.