Another massive data breach: Your passwords may be at risk

  • Another massive global data breach has been confirmed today, with over 2.2 billion unique usernames and passwords being released to the public in the single largest breach of its kind ever.

    Two weeks ago, we reported that a massive global data breach had been discovered with the release of a file containing over 773 million unique email addresses and over 22 million unique passwords. The passwords were harvested from hundreds of hacks and breaches at websites and online services across the world and compiled into a file titled 'Collection #1' that was then released to the public.

    In retrospect, that name should have given us a clue that there were more breaches to come. Now hackers have released Collection #2, 3, 4, and 5 to the public, which contains a total of 2.2 billion unique sets of usernames and passwords harvested from online services. The breach was first reported by German tech website Heise Online and was confirmed today by Wired UK with comment from Germany's Hasso Plattner Institute and cybersecurity firm Phosphorus.

    This breach is sure to have caught the attention of Cybersecurity expert Troy Hunt who brought the Collection #1 breach to our attention earlier this month, but with over 845GB of data stored in 12,000 files and totalling over 25 billion records, it may be some time before the password records are incorporated into his "Have I Been Pwned?" service. You can enter your email address into his website to get a notification every time it's found in a major data breach, and use his service to check your individual passwords.

    The advice for users to secure their passwords remains the same as ever: Generate completely unique and truly random passwords for each website you use, and use a password manager service to remember them and fill in login forms. Never use the same password on more than one website, even if you make small changes depending on the website. The only secure password is one you can't remember.

    About the author

    Brendan is a Sync NI writer with a special interest in the gaming sector, programming, emerging technology, and physics. To connect with Brendan, feel free to send him an email or follow him on Twitter.

    Got a news-related tip you’d like to see covered on Sync NI? Email the editorial team for our consideration.

Share this story