It hasn’t even been 15 days since details of the world’s biggest online private data dump were discovered by security researchers, and now its second “installment” has been posted online.
According to a report from Heise.de, a German-language website, the first collection, which was published on January 17 and dubbed Collections #1, had approximately 770 million (772,904,991) unique email IDs. It also had 22 million usernames and passwords spread across 2,692,818,238 spreadsheet rows contained in 12,000 files.
The second collection of data is named Collections #2-5 and has been posted on the internet. It contains 2.2 billion usernames and passwords and includes roughly 845GB of stolen data. The data includes 25 billion records, but according to researchers most of the leaked accounts are duplicates and might have been collected from previous data dumps. However, even if the duplicate accounts are left out, the new data dump is much larger (at least three times as large) than Collections #1.
According to a report from Wired, a researcher associated with the Hasso Plattner Institute noted that despite the duplicate content, the new data leak is probably larger than any published in the past because the majority of the credentials it contains are still unique and new.
Who posted the data? That is still a mystery, but researchers believe that the hackers might have collected the data from many low-key websites. Nonetheless, the reappearance of old credentials in a massive, fresh data dump does make the affected users around the world vulnerable, because most people use the same credentials to access their accounts on different services.
Interestingly, instead of selling the data on underground forums such as those on the dark web, the hackers behind the Collections data leak are offering such a massive number of unique credentials and email IDs online for free. The databases can be accessed easily through a Mega upload link as well as on different hacking forums.
In a conversation with Wired, Chris Rouland, founder of the security firm Phosphorus.io, said that while he was downloading the data he observed that the same data had already been downloaded over 1,000 times. Moreover, Rouland noticed that over 130 people were involved in making the database available online. Since there are multiple copies of the data online, it will be much more difficult to remove it from the internet for good.
If you want to check whether your account details are part of the new data dump called Collections #2-5, you need to use the tool available on the Hasso Plattner Institute’s website and enter your email ID. If the tool identifies your ID as part of the new data collection, it will notify you via email. You can also use the Identity Leak Checker developed by the Hasso Plattner Institute to check whether your email and passwords were part of a recent data breach.