latest update

Online security news on email data breach of multiple websites related to Collection 1

Dear Clients,

If you are following us on the Facebook ( then you must be aware that a huge breach of Email Database and Passwords had been reported recently involving multiple websites.

It emerged that more than a billion unique email address and password combinations had been posted to a hacking forum for anyone to see in a mega-breach dubbed Collection #1.

The breach was revealed by security researcher Troy Hunt, who runs the service allowing users to see if they’ve been hacked called Have I been Pwned. He has now loaded the unique email addresses totalling 772,904,991 onto the site.

The data includes more than a billion unique email and password combinations – which hackers can use over a range of sites to compromise your services. They will do so by utilizing so-called credential stuffing attacks, seeing bots automatically testing millions of email and password combinations on a whole range of website login pages.

The data originally appeared briefly on cloud service MEGA and was later posted to a popular hacking forum. The Collection #1 folder is comprised of more than 12,000 files weighing in at 87 gigabytes.

Most concerningly, the protective hashing of the stolen passwords had been cracked. This means they are easy to use because they are available in plain text rather than being cryptographically hashed as they often are when sites are breached.

A detailed report can be viewed here.

You may visit the following websites to check if your passwords have been compromised

Please be alert and keep the following points always in your notice :

  1. Keep your PC and smart devices protected with a good updated Antivirus & Firewall.
  2. Scan your PCs & Network with a reliable Antivirus and Antimalware Software at regular intervals.
  3. Update your operating systems regularly as recommended by the provider.
  4. You may receive mails from known emails accounts even it may seem to be your own account. Please verify its source immediately and secure your account.
  5. Do not download, open any attachments from unknown sources.
  6. Do not click on any unknown links or respond to emails without verifying properly.
  7. Do not share your personal details, passwords or OTP on non-secured websites.
  8. Always double check the URL and Domain Name you are accessing for its authenticity.
  9. Always use a strong password and change the same at regular intervals.
  10. In case of a breach or infection, isolate the node, scan & clean with properly updated antivirus & antimalware software.
  11. Do not access your bank accounts or perform any online transactions from insecure network or shared PCs.
  12. Do not share your passwords, OTPs to unknown callers no matter how authentic they may sound. Report to appropriate authorities any such attempts.

We hope the above would help you understand our concern and help you in establishing a secure, cautious, verified and safe online activities.

Please feel free to get in touch in case you need any assistance or clarification.

Posted on: Monday, 25th February 2019 2:17 PM