Forget Collection 1: Here comes Collections 2-5
February 6, 2019
March 31, 2020
In case you missed it, here’s a quick recap of the Collection 1 data breach. Over 700 million emails and passwords were exposed on a Megaupload server. The data from many past data breaches were compiled into one file and was up for grabs on the Dark Web. This was one of the largest breaches in history. The sheer amount of unique logins was enough to spark much public interest. Many of the logins were found to be years old, but many people don’t change their passwords. This breach still poses an incredible risk to the public’s cybersecurity.
Collection 1 is being hosted on the file-sharing site, Megaupload.
Now, Collections 2-5 are upon us. Just weeks after the Collection 1 data breach posted 700 million different logins, here we are. This is the largest dump of records ever recorded, topping the scales at 2.2 billion unique logins. About 845 gigabytes of data were uploaded to torrent sites and left up for grabs. This breach included information from Yahoo, LinkedIn, and Dropbox that hadn’t seen the light of day yet. This data can be used in so many different ways like the Collection 1 breach. Credential stuffing is still rampant and if you don’t update your passwords, or if you use the same password across multiple sites, it is definitely worth checking to see if you’re affected. Chances are, the answer is yes. While this breach is not in the popular data breach record collection site, https://haveibeenpwned.com, you can check to see if your emails are stored within the breach with this tool: https://sec.hpi.de/ilc/search. People are becoming numb to the reality that their data is being distributed throughout the world. Companies like Facebook and Google are using it for advertising, and hackers are using it for their own financial gain.
In 2016 and 2017 Yahoo experienced massive data breaches with all 3 billion of its accounts hacked.
Security must be properly utilized in order to keep people’s data safe. Two factor authentication is almost necessary now that there are so many exposed passwords. Consumers are slowly becoming more accustomed to using extra security measures to protect themselves. Businesses must do the same. If you don’t use the latest and greatest to secure your company, then you are not only putting yourself at risk, but your customers as well. Companies that experience a data breach typically see a sharp decline in business immediately following the hack. It takes a large amount of work to gain back this trust compared to the effort it takes to use the right security service.
SecureCircle protects your data regardless of location including on-premise file servers, edge devices like phones and laptops, as well as public and private cloud storage. Over the past year, we’ve heard overwhelmingly positive feedback from compliance officers and auditors because as a byproduct of data protection that works everywhere, SecureCircle is also able to track files at all times. Protection and visibility for your company’s sensitive data. Visit our website to learn more about what we do.
Prevent Data Breaches
Let’s discuss your unique cybersecurity challenges and needs.
If you want to notified when we post the newest content about mitigating insider threats, data breaches, protecting source code, and DASB, please subscribe to our SecureCircle newsletter.