Over 20 million passwords leaked in 2019’s first major data breach revelation
It’s only the first month of 2019 and hyper-active cyber criminals are already on the prowl to steal your confidential information and data. In one of the biggest revelations of data breaches in history, more than 700 million email addresses and nearly 22 million passwords have been reportedly compromised.
Data breach notification portal Have I Been Pwned (HIBP), which allows users to ascertain if their personal information has been compromised or not, first exposed this global data theft – named Collection #1 – on Thursday.
“Collection #1 is a set of email addresses and passwords totalling over 2 billion rows. It’s made up of many different individual data breaches from literally thousands of different sources,” said Brisbane-based security researcher Troy Hunt, who runs HIBP.
The cache of emails and passwords in Collection #1 have been built up from numerous data breaches, across various countries, over a decade.
Separately, the California-headquartered Reddit – a social news aggregator, web content rating and discussion website – restricted some users from accessing their accounts and asked them to change their password after detecting some unusual activity on the site last week.
The average cost of data breaches in Gulf region’s two biggest economies – the UAE and Saudi Arabia – was $5.31 million in the first half of 2018, a 7.1 per cent year-on-year increase, according to a study conducted by tech giant IBM Security and Michigan-based Ponemon Institute that was released in July last year.
The UAE witnessed one of the biggest data breaches of the decade in the first half of 2018, when ride-hailing firm Careem admitted the theft of personal data of up to 14 million of its customers.
“Data breaches occur through weak credentials, poor password policies, lack of multi-factor authentication, unnecessary exposure of systems and services to the internet or unpatched vulnerabilities,” said Alex Hinchliffe, threat intelligence analyst at Unit 42 – a threat research team at American cybersecurity firm Palo Alto Networks.
“Addressing some of these very basic cyber hygiene factors would significantly strengthen an organisation’s defences,” he added.