25 Feb The term “Mega breach” may be new, but is it old news?
A finding recently unveiled how someone managed to hack and acquire 773 million email addresses as well as 21 million unique passwords (the biggest data breach ever). It is astonishing that one person could get hold of this amount of data. It seems a scary thought to consider the possibility of having that much data on millions of people, However, it appears that this data is between 3 and 5 years old, which means all this leaked personal data has been around for years and must have been breached a long time ago.
So why is this mega breach only coming to light now? Why was this allowed to happen? Who could have gained this much data?
Using his alias “Sanixer”, this cyber criminal harvested and collated data (much like organised criminals do) from multiple data breaches, organising this into a wonderful collection of records about me and you. He then proceeded to sell huge files of personal data for only $45. According to Sanixer, the data was pulled from numerous hacked sites and compiled into multiple collections, each containing millions of emails and passwords from websites such as LinkedIn and other hacked sites. You may not even know that your data has been compromised!
The fact that your personal details could have been shared around the globe numerous times without you even being aware is scary, and although the data in the Mega Breach was old, data breaches are as relevant and common as ever.Mass collections of data can very easily be used to black mail you, target you for phishing emails and direct attacks. Although some criminals like Sanixer claims you may have brought it on yourself
Sanixer explained how most of the personal details and accounts that were hacked and breached were because of weak passwords that were very easy to guess. Passwords such as “password123” (Even worse if you use the same for every account) and this often provides an easy route in to data. As individuals we must ensure we have the right protection and security in place and adhere to better practices than Password 123.
On the bright side much of the data on this “Mega Breach” is outdated and according to Sanixer, not of much use. It does however highlight, that we must be a lot more considerate over where our personal data is, how secure it is i.e. passwords, and how we can prevent any sort of “Mega Breach” from happening again.