Has your email been compromised?
Last week, security researchers uncovered a spam list of 711 million email addresses and passwords. Though law enforcement agencies are working to shut the list down, it’s possible that hackers have acquired the email addresses and passwords of your staff with a view to installing malware of your corporate system. To check if your security is compromised, follow this link.
Last week, a security researcher known as Benkow moʞuƎq uncovered one of the most extensive collections of data ever created: a spam list containing approximately 711 million email addresses. Consisting of two separate troves of data – one comprising of email addresses, and one of both addresses and passwords – the number of emails on the list equates to almost one address for every man, woman and child in Europe and marks a major security threat for both businesses and individuals which must be addressed immediately.
Today, this list has been uploaded to the website haveibeenpwned.com where individuals are able to search the database for affected accounts. The website is operated by Australian computer security expert (& Microsoft Most Valuable Professional) Troy Hunt, who initially received the data from Benkow. As he clarified on his website, this is the largest single data set he has ever uploaded into his site.
Processing the largest list of data ever seen in @haveibeenpwned courtesy of a nasty spambot. I’m in there, you probably are too.
— Troy Hunt (@troyhunt) August 28, 2017
The data was harvested by a machine known only as “Onliner Spambot”, and appears to have originated in the Netherlands, though information is currently being withheld whilst the relevant authorities investigate.
While law enforcement agencies are working to shut the list down, it’s essential that businesses take action to ensure their email addresses and passwords have not been compromised. As a matter of urgency, we recommend that readers input their email address, as well as those of their colleagues or employees, into the website haveibeenpwned.com to see if they have been harvested. If this is the case, it’s important that all accounts using information are changed immediately. For greater peace of mind moving forward, we would recommend installing a password manager such as 1Password.
As always, if you have any queries or wish to discuss this matter further please contact your usual Account Director, call our office on 01473 727800, email us at firstname.lastname@example.org, or tweet us @atains.