YAPDD (Yet Another Password Data Dump)
"Collection #1" is the latest huge mass of email addresses, passwords, and miscellaneous files that privacy and security researchers are expressing concerns about. If you re-use email addresses and passwords to access a lot of different sites, then you may be open to identity theft and other attacks. Another report here. And another.
You can check Have I Been Pwned? (HIBP) to see if your email address has been found in one of these files (although it won't tell you where it's been found or with what password). It does have a separate page where you can search to see if your password has been found in a dump, but not what email address it's associated with. That's probably good for privacy issues, but it isn't all that helpful when trying to find out if you are actually in any danger.
I had a look at the list of sites from which the data was collected. Nothing jumped out at me in terms of sites that I have used or visited. I did notice an awful lot of the sites are Russian, and that a lot of them seem to relate to job searching.
Very good - an opportunity to use a password manager and change all those passwords with very strong construction techniques.
I found a few on my LinkedIn account, so gone through the obligatory exercise.
Regards
Caute_cautim
@rslade wrote:YAPDD (Yet Another Password Data Dump)
"Collection #1" is the latest huge mass of email addresses, passwords, and miscellaneous files that privacy and security researchers are expressing concerns about. If you re-use email addresses and passwords to access a lot of different sites, then you may be open to identity theft and other attacks. Another report here. And another.
You can check Have I Been Pwned? (HIBP) to see if your email address has been found in one of these files (although it won't tell you where it's been found or with what password). It does have a separate page where you can search to see if your password has been found in a dump, but not what email address it's associated with. That's probably good for privacy issues, but it isn't all that helpful when trying to find out if you are actually in any danger.
I had a look at the list of sites from which the data was collected. Nothing jumped out at me in terms of sites that I have used or visited. I did notice an awful lot of the sites are Russian, and that a lot of them seem to relate to job searching.
Thank God for password management. Something else that would help not getting victimized by stuff like this is multi-factor authentication...