[BreachExchange] Over 87GB of email addresses and passwords exposed in Collection 1 dump

[Destry Winant]

https://www.zdnet.com/article/over-87gb-of-email-address-and-passwords-exposed-in-collection-1-dump/

Almost 773 million unique email addresses and just under 22 million
unique passwords were found to be hosted on cloud service MEGA.

In a blog post, security researcher Troy Hunt said the collection
totalled over 12,000 separate files and more than 87GB of data.

The data, dubbed Collection #1, is a set of email addresses and
passwords totalling 2,692,818,238 rows that has allegedly come from
many different sources.

"What I can say is that my own personal data is in there and it's
accurate; right email address and a password I used many years ago,"
Hunt wrote. "In short, if you're in this breach, one or more passwords
you've previously used are floating around for others to see."

Some passwords, including his own, have been "dehashed", that is
converted back to plain text.

Hunt said he gained the information after multiple people reached out
to him with concerns over the data on MEGA, with the Collection #1
dump also being discussed on a hacking forum.

"The post on the forum referenced 'a collection of 2000+ dehashed
databases and Combos stored by topic' and provided a directory listing
of 2,890 of the files," Hunt wrote.

The collection has since been removed.

You can use Hunt's Have I Been Pwned service to see if your
information has been exposed.