773 Million Emails, 21 Million Passwords Leaked in ‘Largest Breach Ever’

a reply to: Kandinsky

using phrases helps a lot.

Been preaching this for a long time, but people like simple and short.

"Mary had a little lamb" is so much better than "a1b2c3d4e5"

originally posted by: roadgravel
As far as site account credentials, most sites are not saving passwords so are they actual passwords or hashes.

Simple and short passwords are easy to get from the hashes, specially with today's powerful CPUs and GPUs. I once saw a site with a list of de-hashed passwords that included one simple password I used at the time.

a reply to: Klassified

Even better, but not easy to do for everyone, is using accented characters not used in the basic ASCII character set.

A funny thing about that is that some sites do not recognised and not allow those characters that would make a much stronger password. I used them when I can.

originally posted by: UKWO1Phot
Emails are easy enough to generate.
I wouldn't be too worried if your emails are on there.
You NEED to worry if any passwords you are still using are!!
Check those too here:- Password check on HIBP

hmmm

You've Been Scraped In October and November 2018, security researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator. Containing a total of over 66M records, the owner of the data couldn't be identified but it is believed to have been scraped from LinkedIn hence the title "You've Been Scraped".

The exposed records included names, both work and personal email addresses, job titles and links to the individuals' LinkedIn profiles. Breach date: 5 October 2018 Date added to HIBP: 6 December 2018 Compromised accounts: 66,147,869 Compromised data: Email addresses, Employers, Geographic locations, Job titles, Names, Social media profiles

almost 10% of those only just discovered . . .

I think we can all at least take away from this that our digital databases and information are somewhat low on security .