If Your Email Account Is On This List, Change Your Password Right Away

Technology has helped the world become a better place. For instance, communication is now much better than before. We have plenty of platforms that we can use to connect with our loved ones or friends. Email, in particular, is a living proof of technology’s greatness.

Apparently, a group of computer security experts chanced upon a spam list that contains a whopping count of 711 million email addresses. Discovered by a Paris-based security researcher called Benkow, the said list contains two separate troves of data.

This is perhaps the largest email breach in history.

The first trove has a set of email addresses, but the second one proves to be alarming. It reportedly contains addresses and passwords.

To verify if your email address is among the harvested email addresses, use haveibeenpawned.com. If the site returns with a warning, then your email address has been hacked.

According to IFLScience, the site is being managed by a computer security expert named Troy Hunt. He is also the first one to ever come across the spam list after Benkow sent it to him for verification.

The spam list contains not only email addresses, but also a set of passwords.

This is what Hunt said of the spam list:

For a sense of scale, that’s almost one address for every single man, woman, and child in all of Europe.”

Hunt claimed that the data set is the biggest to be ever loaded on his site. Its size, in particular, is enough to alarm everyone who use emails. And obviously, almost everyone in this world uses the platform.

Hunt tweets the following:

Processing the largest list of data ever seen in @haveibeenpwned courtesy of a nasty spambot. I’m in there, you probably are too.”

The data was acquired using a machine dubbed as “Onliner Spambot.” This very bot helped Hunt and Benkow pinpoint an IP address, which is listed in Netherlands. Hunt, however, explained that he has no plans of uploading the data set. For him, doing so might only spread the data further.

The law enforcers have already been notified about the breach, but nothing significant has been made yet.

For now, it’s better for users to check their email addresses using the site. Worst case: Users must immediately change their passwords and retrieve all information from the email. Or, as much as possible, create a new email address. They also have to make sure that the password is almost impossible to hack such as using a combination of characters (e.g. capital letters, symbols, numbers), as experts recommend.