Monster breach! The past week has seen big headlines in the print and online press about a massive data breach.
Yes, someone compiled a very large list of 773 million unique email addresses and 21 million unique codeof access.
But there is no reason to worry.
However, tech news reports with scary headlines: Gizmodo described the leak as "mother of all violations". Wired referred to it as a “monster breach” and the Daily Mail as the “biggest ever collection hacked data EVER”. Mashable was asking its readers to change their password.
Do not panic! Monster breach? No problem!
Αν παρακολουθείτε τα νέα στο iGuRu.gr θα γνωρίζετε ότι κυκλοφορούν ήδη εκατομμύρια κωδικοί πρόσβασης στο διαδίκτυο. Το 2016, για παράδειγμα αναφέραμε ότι hackers ήθελαν να πωλήσουν 427 εκατομμύρια κωδικούς πρόσβασης του MySpace και 117 εκατομμύρια κωδικούς πρόσβασης του LinkedIn.
This new violation, called "Collection #1," is not as different as other violations of the past. According to Troy Hunt, a security researcher who discovered and analyzed the list, this collection includes 773 million unique e-mail addresses and 21 million unique passwords.
But let's just break the numbers:
This collection includes older data. From 773 million unique email addresses, only 141 million (about 18 percent) was not included in I Have Be Pwned, the Hunt database. And by 22 million passwords, only half was not already in the database.
So what's the risk?
The only real danger to her Internet safety is the case of automated “credential-stuffing.” In these attacks hackers try every possible combination of emails and passwords from the databases they have in their hands.
So if you use a unique password and two-factor connection, these attacks just will not work.
But changing the habit is difficult. For change and while we are still at the beginning of 2019, try something new for your safety.
Install a password manager.
It will make your life much easier, since you will not have to remember the codes you use. An app we often recommend on iGuRu.gr is Free Keepass Password Administrator. It saves everything locally (on your system, not the cloud) and with very strong encryption.
So you do not have to panic. See the above violation as an opportunity to upgrade your security. Install a password management application.
________________