Monster breach! Last week saw big headlines in the print and online press about a huge leakage data.
Yes, someone gathered a very long list of 773 million unique email addresses and 21 million unique passwords.
But there is no reason to worry.
However, tech news reports with scary headlines: Gizmodo described the leak as "mother of all violations". Wired called it a “monster breach” and the Daily Mail called it the “biggest collection of hacked data EVER”. Mashable was asking its readers to change him code their.
Do not panic! Monster breach? No problem!
If you follow the news on iGuRu.gr you will know that millions of passwords are already circulating on the internetnetwork. In 2016, for example we reported that hackers wanted to sell 427 million MySpace passwords and 117 million MySpace passwords LinkedIn.
This new violation, called "Collection #1," is not as different as other violations of the past. According to Troy Hunt, a security researcher who discovered and analyzed the list, this collection includes 773 million unique e-mail addresses and 21 million unique passwords.
But let's just break the numbers:
This collection includes older data. From 773 million unique email addresses, only 141 million (about 18 percent) was not included in I Have Be Pwned, the Hunt database. And by 22 million passwords, only half was not already in the database.
So what's the risk?
The only real risk to cybersecurity is in the case of credential-stuffing. In these attacks, hackers try every possible combination of emails and passwords from the databases they have in their hands.
So if you use a unique password and two-factor connection, these attacks just will not work.
But changing the habit is difficult. For change and while we are still at the beginning of 2019, try something new for your safety.
Install a password manager.
It will make your life much easier, since you will not have to remember the codes you use. An app we often recommend on iGuRu.gr is Free Keepass Password Administrator. It saves everything locally (on your system, not the cloud) and with very strong encryption.
So you do not have to panic. See the above violation as an opportunity to upgrade your security. Install a password management application.
________________