Collection #1 data breach

Don't know too much about this so I will post as I understand it...

So there has been a big email/password dump on a hacker forum (plain text format). Millions of users may be affected; check https://haveibeenpwned.com/ to see if you're on the list. I will post news sources below:


https://www.forbes.com/sites/kateof...to-find-out-if-your-password-has-been-stolen/

https://bit-tech.net/news/tech/software/773-million-credentials-leaked-in-collection-1-database/1/

https://motherboard.vice.com/en_us/...tion-one-data-breach-password-hack-what-to-do


My question is, does anyone know if these are email/password combos or separate emails AND passwords that are unconnected to each other, and where did this data actually come from?
 
This is a tricky one, as it doesn't actually tell us exactly which online services have been breached to get this data, so all I can do is change the email account pw so they can't use that to reset the accounts they might want, and do a lockout. I don't want to have to change every single account I have tied to this email. As mad as it sounds, if I did get one of my 'web service accounts' hacked then at least I would know which service they got the email from and would know which password has been 'got'.
 
I googled some of my old passwords and they are there in plain text; they were random letters and numbers too.

I'm glad I stopped signing up to so many different sites; it makes it easier to remember where I have.

Sometimes I wish I could delete every trace of myself from the internet and start again.
 
Going back more than ten years, I used a handful of generic passwords across sites (as I expect most of us did). I don't use them any more and have been using unique and complicated passwords since 2009. I'm using this as an excuse to go through every single login in my password manager (1Password) and change the passwords. It also means I'm having a good tidy up because a lot of sites I had accounts on no longer exist so I'm deleting them.

1Password is great; it checks on the fly against HIBP to show if any passwords have been compromised. None of my unique passwords have, and I'll be very surprised if they are.
 
Thanks to the likes of LinkedIn, MySpace etc., I've already been pwned on multiple occasions.

I now don't know most of my passwords and simply get them autogenerated and stored.
 
But what's the source?

The source is normally something like Pastebin; I think the researcher who runs the HIBP site has a script/tool that looks at paste dumps to see if they match email/password combinations.

Unfortunately he'll never reveal passwords, which is annoying for us, as it means you can't then go and change just that site's password (or any others using the same password).

Is it safe to enter your email address into that site?

It's run by a security researcher; it's been running for years and he's pretty open about how it operates etc.

Obviously it's your choice to enter your email address. There's no password request, so the worst thing that could happen is you get signed up for a load of junk.
 
Not accurate, I often get emails with my password in plain text but that list says I haven't been pwned.

It can only check against those leaks which have been released to the public. There are undoubtedly many other data breaches where hackers have kept or sold the data which are currently unknown.
 
My question is, does anyone know if these are email/password combos or separate emails AND passwords that are unconnected to each other, and where did this data actually come from?

It's a set of email addresses and passwords totalling 2,692,818,238 rows, spread over 12,000 separate files and more than 87GB of data. That includes nearly 773 million unique email addresses and almost 22 million unique passwords, which actually come together to make 1,160,253,228 unique password and email combinations.

But what's the source?

Bunch of different breaches; full list here: https://pastebin.com/UsxU4gXA

Not accurate, I often get emails with my password in plain text but that list says I haven't been pwned.

haveibeenpwned can only inform you about breaches they have listed in their database. A lot of smaller breaches haven't made it to their attention.

YES, I did see that part, but call me paranoid: I don't trust that part, as the log file of the query form on that site could get hacked and they would get your password that way.

The site never sees your password, only a hashed value - there's a really interesting readup about it at https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/#cloudflareprivacyandkanonymity
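To make the k-anonymity point concrete, here is an added example (not code from the thread or from HIBP itself) that models the Pwned Passwords range lookup: the client SHA-1 hashes the password locally, sends only the first five hex characters of the hash, gets back every suffix in that range with a count, and matches the full hash on its own machine. The breached-password corpus and its counts below are constructed for the demo; the fake endpoint stands in for the real `/range/{prefix}` call so it runs offline. A server log is kept so you can see that the only thing the service ever receives is the five-character prefix.

```python
import hashlib
from collections import defaultdict

# Constructed sample corpus standing in for the breach-derived password set.
# The counts are invented for illustration; they are not Pwned Passwords data.
SAMPLE_BREACH_COUNTS = {
    "password": 3730471,
    "123456": 23597311,
    "letmein": 111,
    "correct horse battery staple": 2,
}


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 of the password, the form Pwned Passwords uses."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_index(counts: dict) -> dict:
    """Group hashes by their 5-char prefix, keeping (35-char suffix, count)."""
    index = defaultdict(list)
    for pw, n in counts.items():
        h = sha1_hex(pw)
        index[h[:5]].append((h[5:], n))
    return dict(index)


SERVER_INDEX = build_range_index(SAMPLE_BREACH_COUNTS)
SERVER_LOG = []  # everything the (simulated) server learns from clients


def fake_range_endpoint(prefix: str) -> str:
    """Simulates GET /range/{prefix}.

    Returns 'SUFFIX:COUNT' lines for every stored hash that begins with
    prefix. The server only ever sees the prefix, never the password or
    the full hash, so the query log cannot be mined for passwords.
    """
    if len(prefix) != 5 or any(c not in "0123456789ABCDEF" for c in prefix):
        raise ValueError("prefix must be exactly 5 uppercase hex characters")
    SERVER_LOG.append(prefix)
    rows = SERVER_INDEX.get(prefix, [])
    return "\r\n".join(f"{suffix}:{n}" for suffix, n in rows)


def pwned_count(password: str, fetch_range=fake_range_endpoint) -> int:
    """Client side of the k-anonymity check.

    Hashes locally, sends only the prefix, and matches the suffix against
    the returned range on this machine. Returns the breach count, or 0 if
    the password is not in the corpus.
    """
    h = sha1_hex(password)
    prefix, suffix = h[:5], h[5:]
    body = fetch_range(prefix)
    for line in body.splitlines():
        if not line:
            continue
        candidate, _, count = line.partition(":")
        if candidate == suffix:
            return int(count)
    return 0


def server_learned() -> list:
    """What an attacker who stole the server's query log would have."""
    return list(SERVER_LOG)


if __name__ == "__main__":
    for pw in ("password", "letmein", "totally-unique-passphrase-2019"):
        print(f"{pw!r}: seen {pwned_count(pw)} times")
    print("server log contains only prefixes:", server_learned())
```

Against the real service the same client code works by replacing `fake_range_endpoint` with an HTTPS GET to the range URL; every prefix there returns hundreds of suffixes, so even the operator cannot tell which one you were interested in.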
 