Yesterday, news broke that the largest data dump in history had been discovered, with more than 770 million people’s Personally Identifiable Information (PII) decrypted, catalogued, and up for grabs on the Internet. The files, which are being dubbed Collection 1, were originally found on cloud service MEGA, and later posted to a popular hacking forum.
The Collection 1 folder contains more than 12,000 files and totals a whopping 87 gigabytes.
While on paper this sounds beyond alarming, the truth is much more nuanced. The collection is composed of data pulled together from multiple data breaches and leaks, many of which contain email addresses and passwords that are at least two to three years old. Security researcher Brian Krebs cautioned against assigning too much significance to the find because the data is rather stale, and not particularly useful for threat actors.
However, as we saw in summer 2018, stale data can be used successfully in phishing and extortion campaigns. The mere mention of a correct password, even if it’s outdated, could coax unsuspecting users into giving up fresh PII or paying ransoms.
Every time an organization announces that it’s been breached, customers wait with bated breath to see if they’ve been impacted. But after a time, if an identity theft crisis, credit card tampering, or straight-up hack doesn’t take place, many users breathe a sigh of relief and imagine they’ve weathered the storm. Yet, as evidenced by Collection 1 and other such treasure troves of data that are offered for sale online, that may not be the end of it. If users don’t take steps to protect or change their credentials after a breach, they are at risk of being targeted again and again.
Our advice to users: Take a look to see if your information is caught up in this latest data dump. You can easily check to see if you’ve been compromised by using researcher Troy Hunt’s website Have I Been Pwned. Once there, enter your email address and scroll to the bottom of the page to see if you are part of Collection 1 or any other breaches. In addition, you can check if your password was compromised using a new feature of Hunt’s site called Pwned Passwords.
If you are on any of these lists, go forth and change your passwords immediately. We also recommend using a password manager and following other password best practices, such as avoiding using the same password across multiple sites and using long phrases that do not contain obvious dates, names, or other easily identifiable (and thus crackable) information.
No, this may not have been the breach to end all breaches. But that doesn’t mean it should be taken lightly. In fact, this is an opportunity for 770 million people to shore up their defenses by making a simple, yet effective, change.
As always: Stay safe, everyone!