Major Data Breach of 2019

The first major data breach of 2019, “Collection #1”, is out and making news headlines. Over 700 million email addresses have been leaked as the data saved on the cloud service MEGA was compromised last Friday.

The data, termed “Collection #1”, was basically a dump of the results of past data breaches, dating back to 2008. This data has been uploaded to one of the major hacking forums.

Edward Tucker, ex-CISO of HMRC (Tax Office in the UK) and now the co-founder at www.humanfirewall.io and www.emailauth.io, says: “This simply adds to the evidence that privacy today is an urban legend. Security of users lies solely in their hands and the only way to be secure is to assume that someone somewhere is already snooping their data and hence act accordingly. Staying vigilant and cautious with every step one takes on the internet is the single path to safety.

"Remember, this is just "Collection 1", and according to some ethical hackers in the BugsBounty.com community, the original collection is not only "Collection 1" but there are "Collection" 2, 3, 4 and 5 too. According to certain underground forums, the original seller of these collections was selling the entire package for merely $45, but due to some quarrels between the seller and a buyer, a buyer made one of the collections public. This means there is more to come or, worse, has already come in the form of underground dealings.

"Users can check if their passwords have been leaked on websites like haveibeenpwned.com by entering their "email address only" but regardless, the only way to be sure is to change all passwords regardless.

As general good practices, follow the points religiously to avoid being part of breaches in the future:

1. Keep a strong 10-character password with symbols, numbers and mixed case alphabets
2. Use phrases like song lines and insert numbers, symbols and alphabets in them instead of using dictionary words
3. Never use the same passwords across multiple services and use password managers like the inbuilt one in Chrome or other 3rd party managers
4. Implement 2 factor authentication wherever possible and organisations should enforce it on the employees.
5. Never share your password with anyone, especially over digital media, such as chats and emails.”
