Talk to an Expert

Nearly 800 million email accounts have been exposed in a new massive data breach. Here’s how to check if you were affected.

January 18, 2019

A recent collection of email address and passwords were leaked online in a huge data leak known as Collection 1. Collection 1 is amongst the largest data breaches recorded in history, second only to Yahoo’s hack that affected as many as 3 billion users.

Whilst it has not been determined extactly where the leaks originated, approximately 772,904,991 million unique email addresses and more than 21 million unique passwords have made their way online in a leaked database posted to an online hacking forum.

Data breach search company HaveIBeenPwned.com has updated their websites to allow members of the public to search if they have been affected.

Gridware speculates that the data leak “Collection #1,” doesn’t appear to originate from a certain source, but is rather an aggregation of 2,000 leaked databases that include passwords that were combined. It is likely the databases were sitting in a single dark web location for an unknown time until an individual collated the credentials into a single database which was uploaded to a dark web hacking forum.

Unlike other databases that are ransomed or put to the highest bidder, the original database was simply uploaded to cloud data storage service Mega until it was taken down shortly after. However in that time, a number of individuals had mirroed the database which was subsequently available on a number of other cloud storage sites.

How to check if you’ve been affected:

To check whether or not your data was affected, you can head to HaveIBeenPwned.com and enter your email address. Once you hit enter, and if your data was affected, you can scroll down and see whether your data was included in the Collection 1 data leak.

There’s no easy way of determined extactly what information of yours is in the Collection 1 leak. If you find a positive result, Gridware recommends you change your passwords immediately and utilise multi-factor authentication where possible.

If you have any further questions about the data leak, or are interested in services that Gridware can provide to reduce your organisation’s exposure as a result of the leak, please contact us or call our 24/7 Hotline on 02 9158 7304

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.