GDT Webinar Series – How to Fail at Security? Reserve Your Spot

The Collection #1 Data Breach─sit down first; the numbers are pretty scary


It’s interesting what forty-five (45) bucks will buy you these days─a small bag of groceries, a night at the movies with your significant other (if you the small-sized drinks and snacks at the concession stand), and half a parking space at a Dallas Cowboys home game. Also, and if you don’t possess a conscience, it can get you three-quarters of a billion unique email addresses.

What happened?

Last week it was revealed by security researcher Troy Hunt that “Collection #1”, an unimaginative name for one (1) of the largest security breaches of all time, is a mass of data—almost 90 Gb worth—that includes 773 million unique email accounts and almost 25 million associated passwords. Yes, passwords.

Originally, the data numbered 2.7 billion records, but Hunt jettisoned the garbage to arrive at its current, apparently marketable total.

Just so there’s no confusion, Hunt is the good guy. For years, he’s been researching data breaches and alerting the public of his findings. He shared his recent, pared-down database with the site Have I Been Pwned?, which allows email addresses to be entered to discover whether they are one (1) of the unlucky 773 million. The bad guy(s) are the ones selling access to the database on a file hosting site that shall remain nameless (sorry, no free advertising for evil).

Collection #1 isn’t a new thing; it’s been around approximately two (2) years. Collection #2 came first, and actually puts its digital progeny to shame. Aside from the fact that it was named by a sequentially-challenged hacker, it totals over 500 Gb. So, if you’re keeping score at home, both collections total almost a terabyte of stolen data that is available to miscreants for the one-time fee of $45. A steal—literally and figuratively.

Hunt does offer up a sliver of solace. While he found his email address in the database, the password associated with it was one (1) he’d used many years ago. Whew. However, even if a password was used for email years ago, you may not be out of the woods. For instance, what if it’s the current password you use to log into another site, like—gulp—your bank. It could be a key that unlocks a spate of services.

Yikes! What next?

First, go to Have I Been Pwned? to discover if you’re an undistinguished member of this hacked fraternity. If so, start changing your passwords—all of them. But don’t change them once and never do it again. We’re supposed to be replacing the batteries in our smoke detectors when daylight savings time ends and begins, right? Add changing passwords into the mix. With the volume of excellent password management tools available, you have sundry options to address this problem. That’s not to say it’s a security panacea, but it can greatly reduce password-related issues.

Security Concerns?

To find out how to secure your organization’s network and mission critical data, contact GDT’s tenured and talented engineers and security analysts at From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.


Share this article

You might also like:

AI and Data Security

The advent of artificial intelligence (AI) brings transformative potential across industries while also introducing significant data security challenges. As AI systems become integral to operational and decision-making processes, safeguarding sensitive information against sophisticated threats is paramount. This exploration sheds light on the complexities of AI and data security and proposes

Transport layer security (TLS)

Transport layer security (TLS) is one of the most common tools for keeping users safe on the internet. When automated, TLS certification management can help organizations ensure more reliable and consistent use of TLS, reducing the need for human intervention and risk of human error. In fact, over the years,


As the head of GDT’s security practice and an industry veteran, Jeanne Malone and her team help customers worldwide advance their cybersecurity posture. One of the biggest cybersecurity game-changers is artificial intelligence (AI). We asked Jeanne to weigh in on leveraging AI and machine learning in cybersecurity to improve intrusion