e-mail leak

Only in January of this year, the network was shaken by a huge e-mail leak. Now comes the next one: over 800 million email addresses and personal details are affected.

At the beginning of the year, a data set with access data of more than 773 million users surfaced in the network. Now, the security researcher Bob Diachenko has found a record with almost 800 million e-mail addresses in the network. However, the database contains even more, including phone numbers and personal information. For example, the postal code, address, gender and IP of the user. The database is probably originally from an email marketing company.

If you want to know if your data is affected, you can use the service “ Have I Been Pwned “. Enter your e-mail address there and see if your data is affected by this or another leak. Still, you have to be patient for a while. The developer of the service has already announced that it takes a while to load the huge database. This should be done by tomorrow at the latest. If you use a password manager like 1Password or Bitwarden , you can also check your data here as they have integrated the check with ” Have I Been Pwned “.

Have I Been Pwned: Passwords can also be checked

e-mail leak
[image from chip.de]

The password checker by security expert Troy Hunt has been around for some time. It is still very easy to use: To check whether a password has already been stolen once in the event of a data theft, simply click on “Passwords” during the service and type in the password. Then behind it on “pwned?” click and the service already shows if the password has ever been cracked or not.
The database is constantly being expanded and maintained. In addition, you can see how often a password has already appeared in data theft. The more often, the less secure the password is. The goal must be to use only passwords that are not yet in the database.

Use password checker only as a test tool

password checker
[image from chip.de]

But should one really type in their own passwords at a web service for review? No, not really, because after all it would be conceivable that the testing service records the passwords even in background. At least the maker of Have I Been Pwned states that does not do that.
Our recommendation: Use the password checker as an auxiliary tool and to understand clearly how uncertain some passwords are. If you see that “123abc” is almost 600,000 times in password leaks, hopefully after the first shock, it will reconsider its password strategy and choose more secure passwords. This will help password managers again.

LEAVE A REPLY

Please enter your comment!
Please enter your name here