More than three billion email addresses and passwords are now in the hands of hackers. As reported by CyberNews, approximately 3.2 million plain text emails and password pairs have been leaked on a popular online hacking forum. This latest leak aggregates previous leaks from Netflix, LinkedIn, Bitcoin, and more.
So these passwords are not necessarily the ones required to log in to an appropriate email account. Only emails and logins used to access services like Netflix that have been affected by other leaks.
However, when this combination of password and email is used for a variety of different services (for example, to log into email inboxes and access online shopping portals), it can be a significant headache for those affected.
The study does not specifically mention whether accounts from email providers such as Hotmail, Outlook, Yahoo Mail, or others are affected.
However, Express.co.uk used an online tool to check if any of our personal addresses had been affected by the security breach and found an affected Gmail addie.
This latest leak is believed to be the largest compilation of email addresses and passwords leaked online.
The biggest breach to date was the 2017 Breach Compilation, which saw 1.4 billion credentials leaked online.
However, this latest leak – known as the Compilation of Many Breaches (COMB) – is more than twice the size of the 2017 data cache.
READ MORE: Google Might Owe You Money After Finding Gmail, Photos, and Drive Error
CyberNews said the potential impact of this latest breach is “unprecedented,” especially if affected users use the same password for their emails for other online services.
While this is not the best practice, some users tend to reuse passwords as it can be easier to remember.
If you are affected by this latest breach and are using the affected password for other online accounts as well, we encourage you to change both quickly.
Enabling two-factor authentication (2FA) when websites allow it can add extra protection to your accounts.
CyberNews said, “The impact of this new breach on consumers and businesses may be unprecedented. With the majority of users reusing their passwords and usernames across multiple accounts, credential-filling attacks are the number one threat.
“If users use the same passwords for LinkedIn or Netflix as for their Gmail accounts, attackers can switch to other more important accounts.”
They added, “Typically, users are advised to change their passwords regularly and to use unique passwords for each account. Creating and storing unique passwords can be challenging. We encourage users to hire password managers to help them establish strong passwords to create.
“And of course, users should add multi-factor authentication like Google Authenticator to their more sensitive accounts. Even if an attacker has their username and password, they can’t get into their accounts that way.”