GDT Webinar Series – How to Fail at Security? Reserve Your Spot

The Collection #1 Data Breach─sit down first; the numbers are pretty scary

It’s interesting what forty-five (45) bucks will buy you these days─a small bag of groceries, a night at the movies with your significant other (if you the small-sized drinks and snacks at the concession stand), and half a parking space at a Dallas Cowboys home game. Also, and if you don’t possess a conscience, it can get you three-quarters of a billion unique email addresses.

What happened?

Last week it was revealed by security researcher Troy Hunt that “Collection #1”, an unimaginative name for one (1) of the largest security breaches of all time, is a mass of data—almost 90 Gb worth—that includes 773 million unique email accounts and almost 25 million associated passwords. Yes, passwords.

Originally, the data numbered 2.7 billion records, but Hunt jettisoned the garbage to arrive at its current, apparently marketable total.

Just so there’s no confusion, Hunt is the good guy. For years, he’s been researching data breaches and alerting the public of his findings. He shared his recent, pared-down database with the site Have I Been Pwned?, which allows email addresses to be entered to discover whether they are one (1) of the unlucky 773 million. The bad guy(s) are the ones selling access to the database on a file hosting site that shall remain nameless (sorry, no free advertising for evil).

Collection #1 isn’t a new thing; it’s been around approximately two (2) years. Collection #2 came first, and actually puts its digital progeny to shame. Aside from the fact that it was named by a sequentially-challenged hacker, it totals over 500 Gb. So, if you’re keeping score at home, both collections total almost a terabyte of stolen data that is available to miscreants for the one-time fee of $45. A steal—literally and figuratively.

Hunt does offer up a sliver of solace. While he found his email address in the database, the password associated with it was one (1) he’d used many years ago. Whew. However, even if a password was used for email years ago, you may not be out of the woods. For instance, what if it’s the current password you use to log into another site, like—gulp—your bank. It could be a key that unlocks a spate of services.

Yikes! What next?

First, go to Have I Been Pwned? to discover if you’re an undistinguished member of this hacked fraternity. If so, start changing your passwords—all of them. But don’t change them once and never do it again. We’re supposed to be replacing the batteries in our smoke detectors when daylight savings time ends and begins, right? Add changing passwords into the mix. With the volume of excellent password management tools available, you have sundry options to address this problem. That’s not to say it’s a security panacea, but it can greatly reduce password-related issues.

Security Concerns?

To find out how to secure your organization’s network and mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

Author

Share this article

You might also like:

NCAA basketball coaching legend Bobby Knight once said: “Good basketball always starts with a good defense.” Winning teams understand their opponents’ strengths and weaknesses, as well as their own. They study their opponents’ plays and anticipate their next moves. The same concept is true for cybersecurity, which is why, at

Dallas, Texas, January 31, 2024 – General Datatech (GDT), a leading global IT services provider, has worked with Juniper Networks to launch GDT Network as a Service (NaaS), Powered by Juniper. This modern networking approach simplifies network design, implementation, and management by delivering a flexible, subscription-based option to access the industry’s

While technology can deliver unprecedented value as a core business enabler, choosing and implementing the right solutions effectively within the context of your organization’s specific business needs and objectives can prove incredibly challenging. Many businesses have a complex technology footprint yet lack the skillsets, time, and resources to optimize and