Collection 1 data breach leaks 773 million records

Security researcher Troy Hunt – who runs the website Have I Been Pwned? – has published a blog post detailing a massive new data leak.

This data breach, named “Collection 1”, exposes 773 million unique email addresses, making it the single largest data breach ever loaded onto Hunt’s website.

The leaked details are sourced from many individual breaches from thousands of sources and include email addresses and passwords.

This information was being distributed on a popular hacking forum and contained almost 2.7 billion individual records.

The leaked email and password combinations were compiled into lists that can be used for credential stuffing, which is the automated injection of details into services in order to fraudulently gain access to accounts.

Measures which can protect against this type of attack include enabling two-factor authentication and using a password manager to generate different passwords for each service you register for.

Users can check whether their details were exposed in this data breach by typing in their email address on the Have I Been Pwned? home page.

To check which of their passwords were compromised, users can check their commonly-used passwords against the Pwned Passwords database.

Now read: Temporary network route let user access Rain data centre camera

Latest news

Partner Content

Show comments


Share this article
Collection 1 data breach leaks 773 million records