Collection #1 is a data set that was dumped onto the Internet. It contains 773 million email IDs and 21 million passwords and anybody can see the data.
Security researcher Troy Hunt runs the Have I Been Pwned website that lets people check if their email address has been in a data breach and he has analysed the data and uploaded it to his website haveibeenpwned.com so anyone can check if their details are included in this or any other high profile data breach. He does make the actual data available to anybody.
His analysis shows that Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. It’s made up of many different individual data breaches from literally thousands of different sources”
After cleaning the data and removing duplicates, it seems that 772,904,991 unique email addresses, along with 21,222,975 unique passwords are available in plain text. This does not include passwords that were found still in their hashed form.
Importantly, anyone who gets their hands on the cache can easily test the plain-text passwords against actual accounts. Approximately 140 million email accounts and some 10.6 million passwords were not known from past breaches.
If one or more of your accounts are in this data breach, then it is likely that one or more of your old passwords are available for others to see. Make sure you are not still using passwords from years ago.
Check if your accounts are included in the breach and if necessary change passwords and delete unnecessary accounts.
Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.