World's largest hacked credential database leaked
Telstra is urging Australians to change their online passwords after a massive, searchable database of 1.4 billion stolen usernames and passwords was leaked to the public internet.
The trove of unencrypted passwords was compiled using data obtained from over 250 high-profile data breaches of private domains.
The 41 GB database, which was discovered by security researchers 4iQ, is the largest known collection compiled by cybercriminals.
According to 4iQ, 14% of the passwords included were previously unpublished in a decrypted form and 318 million user accounts had been previously unpublished.
In a blog post, Telstra security special projects specialist Darren Pauli warned that email accounts are the most at risk of compromise as a result of the leak, but criminals can and do test email addresses and passwords against a variety of popular websites in case victims have re-used their password.
He said an easy way to shore up defences against such breaches is to maintain unique and complex passwords via the use of a password manager tool.
“We also advise that you do not register for personal online accounts using your work email address. This is because criminals will likely attempt to use your work email address and exposed password to break into your work accounts,” he said.
None of the data breaches used to source the database of login credentials involved any domains associated with Telstra networks, assets or services, Pauli added.
How the explosion of non-human identities is changing cybersecurity
A surge in machine-to-machine communication and non-human...
Building stronger critical infrastructure with Zero Trust
Zero Trust provides a way to stay ahead of cyber attacks by assuming breaches will happen and...
Happy birthday, Active Directory!
Active Directory is a technology that has proved its staying power and has shaped enterprise IT...
