Good morning! A whole slew of usernames and plaintext passwords were leaked for a number of different sites—at 772 million and 21 million respectively, it’s the largest data leak in history. Here’s how to make sure your information is still safe.
This collection of email address and passwords—dubbed “Collection #1”—groups together several smaller breaches into a larger master file of sorts. This huge collection of data comes from several different sites, so your personal info may have been compromised from multiple different sources. That means your information could’ve been compromised multiple times—the same email address with different passwords.
Collection #1 was obtained by Have I Been Pwned owner Troy Hunt, which he then cleaned up, uploaded to the service, and penned a detailed blog post about. For those who may not be familiar with the service, Have I Been Pwned is an excellent resource to find out whether your data has been compromised in any existing breach to date.
So, to find out if your email or passwords have been compromised with the Collection #1 leak—or any other before it—head over to Have I Been Pwned, enter your email address, and brace yourself for the results. You can also subscribe to email alerts so in the future you’ll know if your email address has been compromised as soon as the data is available.
This also serves as a good reminder to use strong, unique passwords on all sites you visit. A good way to do this is by letting a password manager do all the heavy lifting for you—a good one will generate a strong password and remember it for you. The only thing you need to do is remember the master password for the vault.