Record number of passwords leaked
Security experts have urged PC users to check whether their passwords have been leaked online following one of the largest privacy breaches ever.
The email addresses and passwords of 711 million people were stolen by a spambot – a program that collects the addresses to build huge mailing lists for spam – and put on a server believed to be in the Netherlands.
This particular spambot, called Onliner, spreads the Ursnif malware, which steals victims’ banking details.
To see if you’ve been affected, visit the site ‘Have I Been Pwned?’ ( https:// haveibeenpwned.com, see screenshot), which contains searchable databases of privacy leaks. Type your email address into the search bar then click ‘Pwned?’.
The site will search for your details in the latest leak, as well as in dozens of others over recent years. If your details have been stolen you’ll see the message ‘Oh no - pwned!’. Scroll down to see which leaks contain your details. You should change your password for any accounts that have been affected.
Troy Hunt, the Australian security specialist who runs ‘Have I Been Pwned?’, says that the leak of 711 million accounts is a “mind-boggling amount of data”.
He wrote on his blog ( www.snipca.com/25498): “Just for a sense of scale, that’s almost one address for every man, woman and child in Europe”.
Hunt said he’s working with Dutch police and French security researcher Benkow (who discovered the leak) to shut down the server.