More than 773 million unique email ids and a little less than 22 million unique passwords has been hacked, making it the biggest ever security breach.
In what can easily be termed as the year’s first and one of the biggest data breaches of recent times, about 773 million unique email ids and a shade under 22 million unique passwords have been found to have been compromised. As per information currently available, all the data thus accrued have since been found hosted on the cloud server MEGA.
In fact, so huge is the scale of the breach that it is no less than 12,000 files that make up the entire hacked info. All of it again make for 87 GB of data that has come to be known as Collection #1. Troy Hunt who runs the website ‘have I been pwned’ and who first broke the story about the massive breach claimed his own info along with several of his relatives’ have also been found in the dumped file.
Hunt who said he got inputs from several sources over the data breach said a preliminary study of the hacked info hosted on Mega makes it clear it is Yahoo accounts that seems to be the easiest to hack given the sheer number of Yahoo accounts that feature in the list. Gmail too is part of the list though can be considered relatively safer given that it features in lesser numbers.
Hunt also clarified his email id as found in the MEGA files are genuine, as is the password that he used several years ago. He said the password has been successfully dehashed to reveal the exact combination in human decipherable form. It is not known though if the so-called Collection #1 refers to data collected several years ago or if there is something called Collection #2 or sort thereof containing more recent info.
Meanwhile, while all are recommended to follow the standard procedure post a hack, that of changing their email passwords, it will also make sense to change passwords of all subsequent accounts linked to that particular email address. Also, using different and unique passwords for each account is also recommended as a natural deterrent to thwart further hacking attempts.