Your IP: Unknown · Your Status: Unprotected Protected

Blog News

What you need to know about the 770-million account breach

Jan 18, 2019 · 2 min read

What you need to know about the 770-million account breach

Everybody’s talking about Collection 1, the breach of 770 million people’s login information discovered by cybersecurity researcher Troy Hunt. Find out whether you should be worried about the breach and what you can do to protect yourself.

The facts

  • The “breach” is more like a collection of other breaches collected over time, many of which were already publicized separately (hence the name “Collection 1”). This is simply the first time that such a huge collection of compromised data was found being sold all in one place (check out the biggest breaches of 2018 here).
  • However, the collection contains roughly 140,000,000 email addresses that Hunt and his team at Haveibeenpwned.com have never seen before (read his report here). It is possible that this data has been bouncing around the dark web for some time as the product of other smaller breaches.
  • The scope of the data is really far more shocking than “just” 770 million people’s data, which is already a staggering number. According to Hunt, it includes “1,160,253,228 unique combinations of email addresses and passwords” and “21,222,975 unique passwords.”

Are you vulnerable?

You can use this tool to check if your password has been breached. It browses multiple databases, including those used by HaveIBeenPwned.

What to do if you’ve been compromised

Step 1 is to change your password for any email addresses that have been compromised or to change your passwords for any of your accounts that used the password that has been compromised. You can use these tips to create a strong password or use this strong random password generator.

The next steps will depend on the type of account that was compromised. If it’s your bank account, call your bank and ask them what they can do to keep your money safe. If it’s your email, check your history for strange messages that may have been part of a scam attack.

For more great cybersecurity tips and tricks, sign up for our monthly blog email newsletter below!


Daniel Markuson
Daniel Markuson successVerified author

Daniel is a digital privacy enthusiast and an internet security expert. As the blog editor at NordVPN, Daniel is generous with spreading news, stories, and tips through the power of a well-written word.


Subscribe to NordVPN blog