A mammoth data dump database has grown much much bigger, according to security researchers in Germany.
They warned that over 2 billion email addresses and passwords are being passed around on hacker forums.
It comes after security researcher Troy Hunt last month discovered one of the biggest ever data breaches ever found that involved 773 million email addresses and passwords, which had been posted to a popular hacking forum in mid-December.
The 87GB data dump had been discovered by Troy Hunt who setup ‘Have I Been Pwned’ (HIBP) as a simple location for people to check if their personal data had been compromised by any data breaches.
He has not yet updated his website with the latest “collection” data, but researchers at the Hasso Plattner Institute who run their own Identity Leak Checker, have added to the ‘Collection #1’ data dump found by Troy Hunt.
The German researchers reportedly discovered that 611 million of the credentials in the new ‘Collections #2–5’ database weren’t included in the Collection #1 database.
The ‘Collections #2–5’ database reportedly contains 845 gigabytes of stolen data and 25 billion records in all.
This means that hackers have been exchanging a database that contains an estimated 2.19 billion email addresses and passwords.
“This is a start of something far more significant than anything we have seen before,” Jake Moore, cyber security specialist at ESET UK, warned Silicon UK via email. “Hackers are becoming even more sophisticated, and hopefully, this is a massive wake-up call to anyone with an email address.”
“The overarching statement here is that we need to adopt stronger layers of security, and this is the time to adopt a new way of managing passwords,” said Moore. “Using your three rehashed passwords is no longer going to cut it.”
If users are worried their email addresses have been compromised, they should either visit ‘Have I Been Pwned’ (HIBP) or Hasso Plattner Institute to run a check.
It is good advice for people affected to change their email passwords, and also people should consider using a password manager.
The ‘Collection #1’ and now the ‘Collections #2–5’ breaches are sure to go down as one of the largest ever data breaches.
However, it should be remembered that it is still some way off the Yahoo data breach in 2013 that saw the compromise of 3 billion accounts worldwide.
Do you know all about security? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…