Reuters has revealed in a recent article that US security company Hold Security has obtained from a hacker nicknamed ‘the collector’ a list of 272 millions email addresses and passwords, mainly from Gmail and mail.ru, Yahoo! and Microsoft.
Reuters spoke with Alex Holden, founder and Chief Security Officers of Hold Security.
It is one of the biggest stashes of stolen credentials to be uncovered since cyber attacks hit major U.S. banks and retailers two years ago.
Holden has previously been instrumental in uncovering some of the world’s biggest known data breaches, affecting tens of millions of users at Adobe Systems.
While, it might sound quite bad, it is easy to mitigate against this breach and the risks that your email might be in the credentials dump.
The passwords and email addresses, which include some from Gmail, Yahoo and Russia’s mail.ru service, aren’t necessarily the keys to millions of email accounts. Rather, they had been taken from various smaller, less well-secured websites where people use their email addresses along with a password to log in. These credentials are often shared with other important websites like gmail.
People who use a different password for both their email account and, say, Target.com, won’t be affected. But those who tend to use the same password for multiple sites as well as their email should change their email password now so they have their email account secured.
Here are links on changing your email passwords:
How to change your Google Accounts Password.
How to change your Yahoo! Password