With the addition of 763 million addresses for the latest data breach of Verification.io, an email address validation service, the haveibeenpwned.com database now has information on 7,695,066,389 hacked accounts - that's more than the current world population of 7,558,032,870. Worse, those are just the leaked accounts we know about. There was another major leak of 773 million records discovered in January and there are undoubtedly millions upon millions more accounts in breaches that have not yet been discovered.
According to the researchers who discovered it, the Verifications.io breach was due to the data being stored in a publically-accessible MongoDB database, without password protection. In addition to email addresses, some records included names, phone numbers, IP addresses, dates of birth and genders. While no passwords were in the leaked data, the information that is available is a dream for phishing attacks. Common email scams, such as the email blackmailing you for watching porn, become much more effective when you include the target's IP address or other personal information that "proves" you know more about them than you really do.
There's little we can do to stop our information from leaking – that's up to the companies involved to better secure their systems, which obviously isn't happening. However, there are things we can do to ensure that when our data is leaked, the impact is limited.
- Check to see which of your accounts have been hacked and where to ensure you change any passwords on those sites immediately.
- Learn how to tell if an email has been spoofed so you recognize when people are sending you phishing emails to a compromised address.
- Use a password manager so you can set up unique, complex passwords for every online account you access (Here are our picks for the best password managers). And yes, it is safe to store all of your passwords in a password manager.
- Set up two-factor authentication for any of your accounts which allow it.
Follow our articles on protecting your privacy for more critical privacy and safety tips.
[Image credit: hacking concept via BigStockPhoto]
