If you keep up with tech news, chances are you have heard about the discovery of a very large data breach earlier this month. But just how big is it and what should you do about it? I’ve compiled the following facts for your consideration.
It’s Not as Bad as it Seems
When news first broke that over 272 million email usernames and passwords had been hacked and were currently being peddled by Russian hackers, it caused quite a stir. However, email services were quick to offers assurances that they had not been hacked. Instead, hackers had accessed a number of third-party platforms and had compiled a large quantity of email addresses and matching passwords over an extended period of time. Hold Security, the firm that first broke the big hack story, confirmed email services’ accounts, noting that the large trove of email addresses and passwords came from a “collection of multiple breaches over time”.
What is more, most of the email addresses and passwords that were put up for sale are no longer valid. Google has noted that 98% of all Gmail addresses and passwords were not valid. Mail.ru, Russia’s largest email service provider, found that only .018 of all email and password combinations were correct and current.
Are You in Danger?
If you read the above clarification and are breathing a sigh of relief, don’t. While the “world’s biggest hack” is not nearly as big as it initially sounded, the fact is that there is certainly cause for concern. If 98% of Google’s breached email data was no longer valid, then this would indicate that 2% of this data does in fact consist of valid email username and password combinations. If only .018% of all Mail.ru’s listed email and password combinations are right, it still represents a breach of about 1,000 email accounts. While Yahoo and other email service providers have not provided information regarding the validity of the hacked email accounts, it is not unrealistic to estimate that tens of thousands of email and passwords have been compromised.
What is more, these breaches make it possible for hackers to access other accounts. You may feel your account is sure; however, it really isn’t if one of your business contacts or family members has been hacked. This same point applies if someone on your email list is on the email list for someone who has been hacked. Hackers are notorious for using information from one account to engineer future break-ins.
What Can I Do about It?
If you are concerned about this large-scale dissemination of information, consider taking the following steps:
- Change the password for all your email accounts, and be sure to pick a brand new password that you have never used for any other account.
- If you used you email password for other accounts (i.e. social media accounts, cloud storage accounts, bank accounts, etc.), change the password, using a completely different password for each account.
- Avoid sending sensitive information via email if at all possible.
Hacking has been around for quite some time and it will likely be around for the foreseeable future. While it is reassuring to know that there are not hundreds of millions of valid email and password combinations currently being sold online, I still highly recommend that you do everything in your power to make sure your account is secure, both now and in the future.
CTECH Consulting Group is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (403) 457- or send us an email at firstname.lastname@example.org for more information.
Published on 17th May 2016 by Carl Fransen.