BREAKING NEWS: Massive Data Breach Exposed 2.7 Billion Email and Password Combinations
Follow a few simple recommendations to protect your credit union accounts
Another day, another data breach. This time, however, the breach is massive. Cybersecurity expert and creator of the data breach notification service Have I Been Pwned, Troy Hunt, recently discovered a collection of 773 million emails and more than 21 million passwords exposed on a cloud storage service.
It represents 87 gigabytes of data that could put your credit union accounts and your financial information at risk. If you haven’t taken precautions with your passwords in the past, this should be a wakeup call. The key is to follow a few simple recommendations regarding login and password usage. By reusing the same password for multiple accounts, it becomes very easy for cybercriminals and hackers to gain access to your sensitive personal and private information.
Source is unknown
Neither Hunt nor anyone else is sure about the origin of this data breach. The information was storied in thousands of separate files on the cloud service, MEGA. Hunt called it “Collection #1” and said it included 2,692,818,238 rows of email addresses and passwords.
On his blog, Hunt wrote, “It’s made up of many different individual data breaches from literally thousands of different sources.”
New breach: The "Collection #1" credential stuffing list began broadly circulating last week and contains 772,904,991 unique email addresses with plain text passwords (now in Pwned Passwords). 82% of addresses were already in @haveibeenpwned. Read more: https://t.co/BAa3rbgZo4— Have I Been Pwned (@haveibeenpwned) January 16, 2019
“If you're in this breach and not already using a dedicated password manager, the best thing you can do right now is go out and get one.”
-- Cybersecurity expert Troy Hunt
Protect Your Account...NOWYou can’t protect yourself from emails and passwords that have already been exposed and collected by hackers and cybercriminals. But there are steps you should take now and suggestions you should follow from now on to reduce the risk that you’ll become a victim of fraud or identity theft.
- Change your password for all of your accounts. If it’s too much to change everything, at least change the password for your credit union accounts and any other login that contains access to credit card, PayPal, or any other payment information.
- Use a unique password for every account. Even if the password to one of your accounts is discovered, it won’t compromise all of your logins.
- Use a password manager. If you can remember your passwords, pronounce your passwords, or can count the number of characters on your fingers, you probably have a weak password.
One of the key points Hunt made on his blog was to say, “If you're in this breach and not already using a dedicated password manager, the best thing you can do right now is go out and get one.”
Password managers are one of the few security constructs that actually make your life easier. Take logging onto a mobile app with @1Password on iOS: tap the email field, choose the account, Face ID, login button, job done! Not a single character typed 😎 pic.twitter.com/6ZKcGHfHhq
— Troy Hunt (@troyhunt) January 13, 2019
A password manager will help you create and store passwords. Nuvision has written about password safety and password managers in 5 STEPS TO CREATE STRONG, UNIQUE AND READILY ACCESSIBLE PASSWORDS [https://nuvisionfederal.com/blog/memberresources/2018/02/01/5-steps-to-create-strong-unique-and-readily-accessible-passwords].
Was your email part of Collection #1?
You can check to see if your email was included in this most recent data breach – or hundreds of others – by using Hunt’s free service, Have I Been Pwned. No password is necessary. You just enter your email and the site will check to see if you have an account that has been compromised in a data breach.
Once on the website, you can also click on “notify me” to be notified if your email address is discovered in a future data breach.
Change your password today
That this most recent data breach was discovered doesn’t mean that a whole new batch of information was stolen. It just reveals the amount of personal information that is already out in cyberspace. So, please, don’t wait – change your Nuvision logon to a strong, long and unique password. And feel safe that Nuvision will continue to bring the latest information about data breaches and account security to protect the life you build.
Stay on top of fraud trends and news
Nuvision is your credit union resource for alerts, news, and information about fraud, identity theft, financial and data protection, and cybersecurity. Learn about fraud protection and follow Nuvision on Facebook and Twitter to receive updates when new articles are published.