More than 770 million emails and passwords exposed in a massive breach
It seems like data breaches happen all the time nowadays. After this latest one, cybersecurity experts said if you haven't changed your password, the time is now.
A data breach containing about 773 million e-mail addresses and more than 21 million passwords was discovered on a hacking forum. Some cybersecurity experts are calling this one of the largest breaches ever.
"That is huge, and we should all be concerned because we could all be affected by that," Jim Winsett, with the Better Business Bureau of Chattanooga, said.
Winsett said everyone needs to pay attention to this one.
"You know, for the bad guys, there's no limit to what they could accomplish," he said.
The breach was first reported by security researcher Troy Hunt, who runs the HaveIBeenPwned website. Hunt is calling this breach "Collection #1." It's made up of many different individual data breaches from thousands of different sources.
You can check to see if your email is affected on this website. It doesn't show you all of the e-mails included in the breach, but you'll either get a green page, letting you know you're good, or you'll see a red page, meaning your e-mail is compromised.
The BBB said if your e-mail is on the list, you need to change your password now.
"Make it very complex, don't make it simple, and don't use the same password over for different accounts," Winsett explained.
However, with so many passwords, it can be hard to remember them all. We were once told not to write them down on a piece of paper, but in today's digital age, it might be your safest option.
"Writing and recording those in a safe place is what people need to do," he said.
Our Consumer Technology Reporter Jamey Tucker recommends an app to remember all your passwords. It's appropriately named "1Password." The app helps you securely store multiple passwords, in case you forget.
Since this breach includes e-mails and passwords, scammers could be "credential stuffing," meaning they run your login info on multiple sites.
"They're going to be selling those email addresses in blocks, the intent may not always be fraud, but 99 percent of the time it is," Winsett said.
The BBB advises picking an anniversary date and changing your password every year on that day.
You can check to see if your e-mail is a part of the "Collection #1" breach on HaveIBeenPwned.com.