Another major collection of compromised emails and passwords was discovered last week. It’s being referred to as Collection #1 and it contains 773 million records, making it the 2nd largest collection of breached data to date, behind only Yahoo’s that involved as many as 3 billion users. Many people reading this will check it out and find their personal information on the list. While Collection #1’s data made be at least 2-3 years old, at 87GB, it is merely a subset of what the prolific hacker making it available claims to have, which totals an incredible 4TB in size.
What Is Collection #1?
Collection #1 is a lengthy list of email addresses and passwords, made up of various individual data breaches from thousands of sources. There are 2,692,818,238 rows of data. All experts agree that this is a massive amount of data. It includes quite a bit of junk because hackers are basically lazy and don’t always format their data dumps in an organized fashion. However, once you comb through all the weird delimiter types, file types and compressed archives, you still come up with almost 773 million unique email addresses.
If your personal information was ever exposed in any of the past data breaches, there’s a good chance you’re on the list. The data has now been loaded onto Have I Been Pwned (HIBP), a site that allows you to type in your email address and find out if any of your accounts have ever been compromised.
Where Did This Data Come From?
The data originally appeared on a popular cloud service called MEGA, but was recently removed from those servers. Once it was made public, hackers from countries all over the world began the process of socializing the data. This is a term used to describe how data sets are captured and sorted so that the right data can reach the right person. A new article in Forbes says that data socialization is the next big step in Data Analytics.
In the world of Big Data, there’s an enormous need to get the right data to the right person at the right time. If you fail to do this correctly, then your Big Data project could fail as well. So data socialization for this much data will be a large, time-consuming process. In the meantime, what can the average person do if they find their email address and passwords on this list?
What Can You Do?
First, users should be changing their passwords frequently. That means that any password associated with your email address should be useless. No one should still be using the same Yahoo password they used three years ago. If you aren’t sure about this, then it’s a good idea to check the list and see exactly what information is there about your accounts, then go change all your passwords as soon as possible, begin using a password manager, and consider enabling two-factor authentication wherever available to you.
For organization leaders and business owners, it’s a much more dangerous situation. You have a duty to protect the data of your customers in every possible way. This job is getting harder every day due to the proliferation of hackers and hacking schemes. There are a few very effective steps you can take to avoid losing company data in a hack. Once you’ve been hacked, there’s not much you can do except change all your passwords, but the most effective method is simply to take every step to prevent a breach from occurring in the first place.
According to the U.S. Securities and Exchange Commission, small and mid-sized businesses are the principal target for hackers who want to sell confidential data on the Dark Web. This includes healthcare, legal and financial entities. That type of data will fetch a much larger price and therefore is more valuable to hackers.
GO Concepts encourages organization leaders and business owners to take a proactive, layered approach to cyber security. This includes:
- Dark Web scanning and monitoring
- Simulated phishing campaigns
- Ongoing security training for entire staff
- Apply patches and updates regularly
- Take advantage of enterprise-grade firewalls and antivirus
How to Get Started
If you’re new to the world of cyber security, then we would first suggest an assessment of your security protocols. As most organization leaders and business owners know, it’s not enough to have a simple firewall and antivirus solution. Those are just the first steps toward better internet security.
You must train your employees regularly so they won’t fall into the traps that hackers set for them. Simulated phishing campaigns will test your employees to see if they’ve been paying attention. We can let you know which employees are more likely to fall for a phishing scam. Dark Web scans and monitoring keep you abreast of whether your personal or work information has been compromised, how much damage this could cause and how to remediate this. If you are wondering, NOW IS THE TIME for Dark Web Scanning and Monitoring!
As you can see, there’s a lot more to cyber security than meets the eye. The world of hacking is growing at alarming rates. It’s a crime that pays well and almost never involves getting caught or going to jail. It’s up to you to stay a step ahead of hackers.
If you’d like to learn more, why not contact GO Concepts for a free, no-obligation consultation? We can assess your current cyber security and make recommendations to beef everything up so your organization’s data is less likely to wind up on the next massive data breach list and what to do if it’s already out there.
GO Concepts works with Agencies, Independent Providers, and County Boards for the Developmentally Disabled providing value-based Managed IT Services that you can rely on.
Want to learn how today’s technology can help you achieve your mission? Stay up-to-date on the latest IT news. Visit our Insights Blog where you’ll find helpful tips about using IT today.