
Collection #1 data dump exposes more than 772 million email addresses

Written by Thu 17 Jan 2019

One of the largest data leaks in recent memory strikes just one month into 2019

Renowned security researcher Troy Hunt yesterday revealed that a set of 772 million email addresses and passwords has been posted to a popular hacking forum, a breach he is referring to as Collection #1.

In a blog post, Hunt said he had received warnings from the cybersecurity community last week that the massive 87GB folder containing 12,000 files was available via popular download site MEGA.

Although the platform has since removed the files, they still exist on a popular hacking forum that remains unnamed. A post on the forum described the data as “a collection of 2000+ dehashed databases and Combos stored by topic.”

Collection #1 comprises many different individual data breaches from ‘literally thousands’ of sources, said Hunt, making it the largest single breach ever to be loaded onto Hunt’s “Have I Been Pwned” website, a service that notifies users whenever massive data breaches have occurred.

While Hunt cannot verify the accuracy of all the data, he noted that his own personal data was breached and was accurate.

Hackers can use bots to inject the data into a variety of internet services to fraudulently compromise accounts – in what is known as a credential stuffing attack.

It is recommended that you visit Have I Been Pwned to see if your details have been compromised. Simply enter your email address and Hunt’s service will let you know if you have been affected by this breach or by others.

The attack is the largest since Yahoo’s infamous data leak in 2013 that affected nearly three billion accounts. As this breach is not tied to any one site, literally anyone who uses a popular internet service may have been affected.

“If you’re in this breach and not already using a dedicated password manager, the best thing you can do right now is go out and get one,” Hunt said.

“People take lists like these that contain our email addresses and passwords then they attempt to see where else they work. The success of this approach is predicated on the fact that people reuse the same credentials on multiple services.”
