As Nodal reported last week, the Collection #1 archive exposed nearly 775 million user emails and over 21 million passwords that had been collected in various data breaches over the past few years. Unfortunately that was just the beginning: additional archives for sale on the Dark Web referred to as Collections #2-5 have also been discovered.
Collections #2-5 nearly triple the amount of data revealed in Collection #1, resulting in 845GB of user data containing over 25 billion personal records. Some of these records are duplicates: since the Collections are aggregates of past data breaches, the same accounts may have been involved in multiple separate incidents. Still, the sheer volume of compromised user data is significant.
As always, Nodal recommends the use of regularly updated, strong passwords. A breach like this is useless to hackers if you follow best practices with your data, as their information will be outdated by the time they attempt to access your accounts. Setting up two-factor authentication is a great additional step toward securing your personal data.
To check if your accounts have been compromised, check out the Hasso-Plattner Institute’s website here. Credential breach lookup site HaveIBeenPwned has not been updated with Collections #2-5 at the time of this writing, but is up-to-date concerning Collection #1.
If you have further questions about securing your online accounts, configuring two-factor authentication, or other security topics, feel free to contact Nodal!