by Graham Pierrepoint
Data breaches and data dumps come and go, but it appears that a faulty spambot may be to blame for what is being argued to be the biggest dump of email addresses and passwords in known history. It’s thought that 711 million records have been released – and while many of them may be repeats or may even belong to non-human sources – it stands to reason that this is one of the most colossal outpourings of restricted data we’ve seen in recent years.
The breach was reported on by Have I Been Pwned – a website which users receive emails from when their addresses have been sourced as part of major leaks online. This means that major leaks of recent years – such as those from the controversial Ashley Madison dating site and the huge leak of data from business networking platform LinkedIn – have largely been detailed here, and alerts are sent to recipients of email addresses affected as soon as possible. It has become a useful tool for those who are genuinely concerned about safety – and particularly as hacking groups have targeted public facing organisations to leak data in recent years in an effort to prove how low security so many major sites actually are.
711 million email records, therefore, have been loaded up into Have I Been Pwned – and as a result, millions of subscribers received an advisory email earlier this week stating that their personal data may have been unveiled online. It’s thought that the data spilled from an email spambot due to an unsecure server – meaning that records captured became fair game on the internet only a day or so ago. This, therefore, means that a change of password is most certainly advised as priority.
If you are not already a registered subscriber with Have I Been Pwned, you can take action by either signing up or making sure you change your email address passwords with immediate effect – just to be on the safe side. While 700 million records is a fair amount for your specific address to get lost in, there is always a risk that you could face being locked out or subject to fraud – so do take care in creating new security that protects you and your personal data as much as possible. Remember – according to recent advice, long passwords are more secure than complex ones!