A massive data breach dubbed as Collection #1 has exposed about 773 million email addresses and more than 21 million passwords.
The hacked information has been uploaded to the cloud service MEGA, which has already gone down at the time of this writing, and posted on hacking forums, putting it all up for sale.
Troy Hunt, the person behind the Have I Been Pwned? website, revealed the data breach in a blog post. He describes Collection #1 as "a set of email addresses and passwords totaling 2,692,818,238 rows" and explains that it's "made up of many different individual data breaches from literally thousands of different sources."
According to him, it contained more than 12,000 separate files and totals to 87 GB in size. He also mentions that some junk data is included, but based on his estimations, about 99 percent is authentic.
To break it down, Hunt says that 772,904, 991 emails, 21,222,975 passwords, and 1,160,253,228 unique combinations.
How To Check If The Data Breach Affected You
One quick way to confirm whether or not your data has been compromised is to go to the Have I Been Pwned? website and see if your email is involved in a breach or something along those lines. There's also the Pwned Passwords website that lets you check if your password has been jeopardized, which Hunt also made.
Hunt explains that the two pages have already been updated, meaning you can already double-check whether your info is involved in Collection #1 or not.
As always, to increase your chances of steering clear of incidents like this, it's advisable to use a password manager and two-factor authentication on websites and services that support it, avoid using the same password across multiple accounts, and immediately change passwords once you've determined you're affected by a breach such as this.