Security Tech News

560 Million Old Passwords Have Leaked Online

Dave Parrack 17-05-2017

It’s probably time to change your passwords again. All of them. Especially if there are any passwords you have been using for more than 12 months. Why? Because a huge database of 560 million login credentials has been found online, waiting to be discovered by ne’er-do-wells.


There have been several major data breaches in recent years. All of which have resulted in millions of email addresses and passwords becoming available to anyone who has the knowhow to find them. And now a database containing hundreds of millions of old passwords has leaked online.

Old Logins, New Problems

This database of 560 million leaked emails and passwords was first discovered by the Kromtech Security Research Center. It’s sitting, completely unsecured, on an internet-connected device running an early version of MongoDB How a MongoDB Database Can Better Organize Your Data MongoDB (from "humongous") is a cross-platform document-oriented database used as an alternative to MySQL. But what does that mean? Read More . Which means it’s viewable by any hackers with half a brain.

The good news is the database comprises login credentials from previously disclosed breaches. Including LinkedIn, MySpace, Tumblr, DropBox Are You One of 69 Million Hacked Dropbox Users? It has been confirmed that 68 million Dropbox accounts were hacked in August 2012. Was yours one of them? What should you do about it? And why did the hack take FOUR YEARS to come... Read More , LastFM, Adobe, and Neopets. The bad news is they’re all neatly packaged in one database, making the information more accessible than ever.

This essentially means that if you didn’t change your password after a previous breach, you really should do so now. And if you’re afraid you’ve missed a previous data breach you should check whether your email address has been flagged by typing it into Have I Been Pwned.

While discussing this latest data leak, Kromtech researcher Bob Diachenko told Gizmodo, “We wanted once again to highlight the importance of changing the passwords, because more and more malicious actors seem to exploit the data grabbed from previous leaks and hacks”.


Just Change Your Passwords Already

As these login credentials are old, the chances are you have already changed any of the passwords contained within this leaky database. However, it’s always a good idea to change your passwords Password Management Guide Don't feel overwhelmed by passwords, or simply use the same one on every site just so you'll remember them: design your own password management strategy. Read More regularly anyway just in case, so we recommend you take this opportunity to do so.

How often do you change your passwords? Do you change them manually? Or use a password manager? Have your login credentials ever leaked online? Will the existence of this database prompt you to change your passwords again? Please let us know in the comments below!

Image Credit: Christiaan Colen via Flickr

Related topics: Online Security, Password, Security Breach.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *