Spambot leaks 711m email addresses - is yours exposed?

4 September 2017 09:05

The bad guys just got breached. A spambot computer program, used to harvest email addresses to send spam messages, has leaked 711m email addresses and passwords. Find out if your email has fallen victim and, if so, what your next steps should be.


The leak

We’re all familiar with spam messages nowadays. If it’s not a brand new miracle weight loss pill ready to give you the physique of an Olympic gold medallist in under six weeks, then it’s the notorious ‘Nigerian Prince’ advance-fee scam, asking for a small sum of money in return for a future rich return.

What you might not be so familiar with is that a spambot computer, used to harvest email addresses for these sorts of scams, has just leaked a record-breaking 711 million email addresses - and a number of passwords.

To put that into perspective, that’s one address for every man, woman and child in all of Europe.

How did it happen?

You might be wondering how such a huge data breach could occur. Well, the spammers failed to secure one of their servers, meaning that any visitor could download many gigabytes of information without needing any credentials whatsoever. It’s impossible to know just how many others, besides the spammer who compiled the database, have downloaded their own copies.

One silver lining is that, of the mountains of exposed emails and passwords, many of the addresses aren’t linked to real accounts. Some are incorrectly scraped from the public net, while others are simply guessed by adding “sales” or “info” at the beginning of a generic domain.

Find out if your details have been leaked

You can check the popular breach-tracking website “Have I Been Pwned” to see if your email account information is in the hack, although finding yourself in this data set might not give you much insight into where your email address was obtained from or what you can actually do about it.

What can you do if your email/password is exposed?

If Have I Been Pwned says your email address appeared in the Onliner dump, there are three steps you need to take immediately. The first is changing the password for your email account. Second, make sure you're not using that password in any other online accounts, especially those for banking. Lastly, enable two-factor authentication, so your email address and password alone aren't enough for your account to be cracked.

