Collection #1 data dump gives new scale to an old problem - Cyber Site

Collection #1 data dump gives new scale to an old problem

Cyber Site

Collection #1 data dump gives new scale to an old problem

A none-too-reassuring constant in cyber security has been the frequency of data breaches, it is normally a waiting game to see which internationally-known brand name will become this week’s headline.

Before Christmas we had the hotel brand Marriott falling victim to exactly this, yet barely a month into the New Year a new data dump has emerged that has given new scale to the problem of data breaches that are regularly encountered.

The Collection #1 data dump – consisting of some 87GB of data comprising over 12,000 files across more than 2.6 billion spreadsheet rows – includes more than 1.1 billion combinations of email addresses and passwords from almost 800 million individual email addresses. This immediately makes the incident the biggest single data dump to date.

What has been rightly pointed out however, is the fact that across some 700 million accounts only 21 million unique passwords were in use.

This highlights the ever present problem of the human tendency to reuse their passwords, a key way of ensuring that the compromise of one account can quickly spread across an individual’s entire digital life.

A key issue for businesses and individuals alike is that, even if the appropriate measures are taken to secure their accounts, you can never be certain that other databases where your credentials are stored are secure. The use of Structured Query Language Injection (SGLI) has been at the top of vulnerability rankings for most of the past 15 years, and is in great likelihood the culprit here once again. Vulnerability to such methods can hardly be seen as “advanced” when they are so widely known and understood.

The recent Marriott breach is testament to the fact that you place great trust in many brands for providing services; you more you reuse passwords the greater the vulnerability you carry if and when their database is breached. Collection #1 has simply taken an old story to a new scale, everybody should act accordingly to secure their digital lives, both personally and professionally.

Read more news

Go back