A total of about 772,904,991 unique email addresses and over 21 million unique passwords have been leaked online. According to a report on troyhunt.com, the data were distributed in a folder titled ‘Collection # 1’ by hackers, on a hacking forum. The leaked data contains over 87GB worth of passwords and email addresses.
The report did not mention those responsible for the leak, but it could be remembered that last November, Hackers Also Published Private Messages From 81,000 Facebook Accounts. The hackers responsible for that act also revealed that they had details from a total of 120 million accounts, which they were attempting to sell.
The data leak was posted on the cloud-based sharing website, Mega and this data seems to have been taken down since. How logins on most websites work, is that they don’t store password, instead, what they store is a “hash” of your password, which emerges after a complex mathematical calculation that spits out a long string of numbers and letters instead.
Meaning, the next time you log in using the same credentials on the website and type in the password, the authentication process runs the password through the same calculations, and if the created hash matches the original one, you are allowed to access your account. The breach clearly suggests that these hashes have been safely cracked. Users can know if their account is breached by visiting the haveibeenpwned website and type in your email address to know if your account has been compromised.