It’s probably time to change your passwords again. All of them. Especially if there are any passwords you have been using for more than 12 months. Why? Because a huge database of 560 million login credentials has been found online, waiting to be discovered by ne’er-do-wells.
There have been several major data breaches in recent years. All of which have resulted in millions of email addresses and passwords becoming available to anyone who has the knowhow to find them. And now a database containing hundreds of millions of old passwords has leaked online.
Old Logins, New Problems
This database of 560 million leaked emails and passwords was first discovered by the Kromtech Security Research Center. It’s sitting, completely unsecured, on an internet-connected device running an early version of MongoDB. Which means it’s viewable by any hackers with half a brain.
The good news is the database comprises login credentials from previously disclosed breaches. Including LinkedIn, MySpace, Tumblr, DropBox, LastFM, Adobe, and Neopets. The bad news is they’re all neatly packaged in one database, making the information more accessible than ever.
This essentially means that if you didn’t change your password after a previous breach, you really should do so now. And if you’re afraid you’ve missed a previous data breach you should check whether your email address has been flagged by typing it into Have I Been Pwned.
While discussing this latest data leak, Kromtech researcher Bob Diachenko told Gizmodo, “We wanted once again to highlight the importance of changing the passwords, because more and more malicious actors seem to exploit the data grabbed from previous leaks and hacks”.
Just Change Your Passwords Already
As these login credentials are old, the chances are you have already changed any of the passwords contained within this leaky database. However, it’s always a good idea to change your passwords regularly anyway just in case, so we recommend you take this opportunity to do so.
How often do you change your passwords? Do you change them manually? Or use a password manager? Have your login credentials ever leaked online? Will the existence of this database prompt you to change your passwords again? Please let us know in the comments below!
Image Credit: Christiaan Colen via Flickr