Were You One of the 774 Million Email Addresses Exposed in Major Data Breach?

Another day, another hack, or so it seems. This time, it might be a good idea to change your password if you haven’t done so in the past few years. Nearly 773 million records, including email addresses and passwords, were exposed in yet another massive data breach. Security researcher Troy Hunt brought this information into the public eye and experts are saying this could be the biggest data breach to be made public.

The exposed data was apparently collected from a number of breaches and uploaded to popular cloud service, MEGA. The platform, which is known to be a frequented place promoted on popular hacking forums, has since removed the data.

While experts are not sure how long these records have been exposed, they do know the data breach is widely encompassing, including login credentials for more than 2,000 websites. These records were available for anyone to download, and it has not yet been determined if they were done so by nefarious parties.

After getting word of the breach, Hunt took the entire volume of data and uploaded to a website called Have I Been Pwned (HIBP), which can be used to determine if you’re personal information has been compromised. All you need to do is visit the site and type in your email address, and HIBP will pull up all the sites where your email has been compromised, along with offering tips on how to increase your overall security while online.

Ruchika Mishra, director of products and solutions at security firm Balbix, said, “In terms of scale, this enormous trove of email addresses and unique passwords is monumental. Hackers could have accessed this data at any point.” While it is recommended that you use more robust passwords and utilize two-factor authentication for your online accounts, it more so falls on big businesses to better detect and block malicious traffic before these major breaches ever occur.

A good start to practicing better online security is using a password manager like 1Password or LastPass. These services allow you save all of your passwords on a secure system, giving you the ability to use extremely complex passwords, without needing to remember an intricate string of characters. If anything, it is a good idea to change your passwords for sensitive accounts, and keep a copy of the password stored offline in a private notebook.