Collection 1: Largest Ever Collection of Email Addresses and Passwords Exposed
Has your email address recently been compromised?! Most likely so.
News has broken that a database containing over 772 Million Email addresses and Passwords had been posted to a very popular hacking forum (the post has since been taken down). My own personal information was in this database and chances are pretty high that your information is in this database as well. If you would like to read more about the breach you can do so here – Email Addresses Exposed
A Regional Director at Microsoft, Troy Hunt, was able to get his hands on this information and load it to his website, haveibeenpwned.com. This is the single largest database to be loaded to the site and I would recommend that you immediately go validate if your email address has been compromised.
You can utilize the website to determine if your email was part of the database and if any of your passwords have been compromised as well. If they have been compromised, I would recommend that you immediately update any and all passwords and enable Multi-factor Authentication (MFA/2FA) on any website that allows it.
From a business perspective, you also have the ability to search your domain to see if any email addresses were part of this database. I would recommend that you take this action today and reach out to any employee that is on the list and have them update their credentials immediately.
I’ve written about the password management topic in a previous blog post, but this is another great example of why using a variety of passwords across the sites you’re using is so important. It is the best way to mitigate wide spread access to your accounts if a breach of any one of the sites you’re using occurs. I know this can be cumbersome, but using a password manager can ease the burden of managing this information. You can also refer to my previous post on password creation and management for more information on password managers.
Welcome to 2019, where we are still fighting the battles for usernames and passwords. It is the reality that we live in, so it is important that we work together and stay on top of incidents like this.
As always, please contact the Cerdant Team if you’d like to discuss this topic further!