The largest stolen credential combo to date, containing over 3.2 billion user login combinations, was posted on a cybercrime forum last week.
The mother of all data breaches, nicknamed « Compilation of Many Breaches (COMB) by its downloader, includes unique combinations of emails and passwords from over 250 previous data breaches, such as Netflix , LinkedIn and Exploit.in .
According to cybersecurity researchers, the database is traded in the underground community for a mere $ 2.
“On February 2, 2020, the user Singularity0x01 created a discussion thread on the popular English-language cybercrime forum RaidForums entitled » VS ompilation of Many Breaches (COMB) « 3.8Billion (Public), said digital shadow researcher Ivan Righi. « In order to view the download link for the .ZIP file containing the data, forum users have been asked to spend credits 8RaidForums (about $ 2).
Impact of data breach
Although the leaked information spans almost five years, users who have failed to reset account passwords following a security incident are in shock. Keep in mind that the information may be out of date or old, but user data does not have an expiration date. Cybercriminals recycle information found in old data breaches. They know that most people use the same password for multiple accounts.
The data could be used in credential stuffing attacks, as threat actors attempt to take over user accounts to steal personally identifiable financial and personal information.
How to protect your accounts
As a general rule, never use the same password, or a similar password, when creating an account. If you have been notified of a violation, act quickly and reset your password immediately. Choose unique and strong passwords and look for a trustworthy password manager app to help you keep tabs on all login information. If the platform allows two or more factor authentication, consider enabling them for added security.
It is also a good idea to install a security solution on your devices. Since data breaches happen on a daily basis, it can be difficult to stay informed about the information exposed.
You can learn more about how to mitigate a data breach and regain control of your personal information. with the protection of the digital identity of ATK Technologies.