As Digital Journal reported, a large collection of data containing 12,000 separate files and totaling 87 gigabytes had been uploaded to MEGA, a cloud service used by hackers. The data was then posted to a hacking forum. According to analysis conducted by Troy Hunt (of Have I Been Pwned), the data dump appears to be an amalgam of in excess of 2,000 databases.
What is of additional concern is that the data was not sold at an auction. Instead, as Digital Trends comments, it appears to have been made publicly available to anyone, with no hacking or data skills required.
There is also some design behind the actions of the hacker (or hackers). The breach data seems to be a carefully curated collection of dumps drawn from a large number of compromises.
In response to the huge Collection #1 breach and its 773 million records (which is the largest collection of breached data ever discovered), Will LaSala, director of security solutions at OneSpan, told Digital Journal: “with criminals trading assets in underground forums, data from this breach could easily be cross referenced with information lying elsewhere to bypass authentication.”
LaSala recommends that those whose emails have been leaked take immediate action: “This is a colossal breach. Those impacted should act fast to change any reused passwords, as the exposed credentials can be used by criminals in credential stuffing attacks to cause maximum damage across multiple other accounts.”
He adds that: “For the more high-risk accounts like banking accounts, this poses a very real fraud threat.”
LaSala also states: “If this doesn’t highlight the need for security reach beyond the password, then not much else will.”
He offers advice on improving password security in this more vulnerable age: “We should know by now that using a combination of multiple, layered authentication technologies gives companies, and users, the best chance.”
However, businesses also need to do more, according to LaSala: “Banks especially should be upgrading their authentication procedures to more intelligent methods to mitigate the fraud risk in the aftermath of attacks such as this. This technology should combine multiple authentication techniques, whether that’s fingerprints, behavioural biometrics or one-time passwords.”