Posted on 01/17/2019 9:08:31 AM PST by BenLurkin
“Collection #1" is the largest public data breach by volume, with 772,904,991 unique emails and 21,222,975 unique passwords exposed.
...12,000 separate files and 87GB of data had been uploaded to MEGA, a popular cloud service. The data was then posted to a popular hacking forum and appears to be an amalgamation of over 2,000 databases. The troubling thing is the databases contain “dehashed” passwords, which means the methods used to scramble those passwords into unreadable strings has been cracked, fully exposing the passwords.
So what does this mean for the average person? According to Hunt, it means compromised email and password combos are more vulnerable for a practice called credential stuffing. Basically, credential stuffing is when breached username or email/password combos are used to hack into other user accounts. This could impact anyone who has used the same username and password combo across multiple sites. This is concerning as the Collection #1 breach contains almost 2.7 billion combos. Plus, around 140 million emails and 10 million passwords from Collection #1 were new to Hunt’s HIBP database—meaning they’re not from previously reported megabreaches.
(Excerpt) Read more at gizmodo.com ...
Oh ye of little faith
How can you NOT trust someone on the ‘net?
Next thing you know, you will not help out any Nigerians.
Are you a RACIST?
It does sound a bit like a phishing scam, doesn’t it?
But; is beaching at the FReep still safe?
LM8NO PUPPIES!
Well; it COULD open up a new bucket of worms; fer shur!
OSAR. CMPN.
Thanks for the info! Neither I nor FrogDad have been pwned!
DashLane is a keeper, too! It generates my strong passwords.
I’ve been using DashLane for about 5 years. It tells me when there’s a breach that I need to worry about and tells me which passwords I need to change.
I love it!
I love it too.
I put in my master pw first thing in morning.
I could never remember all the pw I use.
Thx for info
Way back; when computers were made of rocks; not silicon; I had a login program running on a time shared computer, displayed on a dumb terminal.
When any key was pressed, the date, time and logo would appear on the screen and ask for your password.
There were 86,400 possibilities and those were the odds of ever having the same password twice. (Actually less than that considering the time of day you logged in.)
The password was 6 characters, determined by the TIME displayed in Hr:Mn:sc format, down shifted to the top row of letters on the keyboard...
1234567890 = qwertyuiop respectively
08:13:46 would be piqery
You didn’t read the article or the link to search. Of course they are not asking you to display your password. LOL. You enter your email address. ;)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.