Go to Reviews.org US Edition
Billions of emails and passwords leak in massive data breach
Here's how to check if you've been affected, and how to prevent it from happening again.
Almost everyone has had some of their data leaked at some point in time, whether it was your old MySpace password or your Neopets login details. Yep, sadly, data breaches are a pretty common thing, and chances are you've been affected by the latest one, a series of recent attacks resulting in the database dubbed the "Compilation of Many Breaches" (or COMB), which contains more than double the credentials leaked in 2017's massive Breach Compilation.
The COMB data set comprises of more than 3 billion email and password combinations (plus full names, addresses and demographic information) from the likes of Netflix and LinkedIn, so it's almost certain that you or someone you know has had a login or two exposed. Fortunately, there is a way to tell if you've been affected. CyberNews, who first reported the leak, has created a tool that allows you to enter your email address and find out if your login details have been compromised.
While you won't be told which of your regularly visited websites' login details were leaked, it's an important reminder to protect yourself and your data online. Not sure how? Here are three easy steps you can take.
- Change your passwords now, and do so on a regular basis. Try to use a combination of upper and lowercase letters, numbers and symbols.
- Where possible, use two-factor authentication. This involves your usual password, plus a one-time code sent to you via text message or accessed through a dedicated authentication app like Google Authenticator and Authy for added security.
- Enlist a password manager. Services like 1Password and LastPass cost as little as US$3 per month and will remember all your passwords so you don't have to, meaning you can make them as complex and weird as you like.
Our friends at Verified.org are a great resource for learning about online security, including their guide what to do after a data breach.