IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Massive Collection #1 leak exposes 773m unique records online

Gargantuan 87GB trove of email addresses and passwords was sourced from thousands of separate data breaches

Nearly 2.7 billion records containing up to 800 million unique email addresses and more than 21 million unique passwords have been compromised and published online.

The massive data leak, dubbed Collection #1, is made up of individual breaches from "literally thousands of different sources", according to security researcher Troy Hunt, who announced his findings in a blog post.

The data being shared on hacking forums comprises is email addresses and passwords totalling 2.69 billion rows of data, with a total of 1.16 billion unique combinations of email addresses and passwords.

This collection exceeds 87GB in size and contains 12,000 individual files. It represents one of the biggest, if not the biggest, exposures of personal data in history.

This 1.16 billion figure was determined by filtering passwords as case sensitives, and email addresses as not case sensitive, according to Hunt, who says the leaked data can be used for 'credential stuffing' attacks. 

In all, Hunt determined the data contained 773 million unique email addresses, and 21 million unique passwords.

"People take lists like these that contain our email addresses and passwords then they attempt to see where else they work," Hunt said. "The success of this approach is predicated on the fact that people reuse the same credentials on multiple services.

"Perhaps your personal data is on this list because you signed up to a forum many years ago you've long since forgotten about, but because its subsequently been breached and you've been using that same password all over the place, you've got a serious problem."

After being alerted to Collection #1, Hunt was then pointed in the direction of a popular hacking forum on which members were discussing the trove of data. He assigned this breach 'Collection #1' as it was the name prescribed to the root folder in an image being circulated on these forums.

The researcher also reproduced a list of sites included in this data breach, after it appeared on the hacking forum, totalling 2,890 file names, but warned it wasn't necessarily complete and that he hasn't been able to verify it.

The earliest reference to an alleged breach is 2008, according to the unverified list, with a great deal occurring over the previous five years.

Hunt, who also manages the Have I Been Pwned service, has recommended that people either buy into a dedicated digital password manager or use a notebook and pen to manage all their personal login details. He also railed against password reuse, saying online users need to "avoid that to the fullest extent possible".

His views are reflected by the comments of Malwarebytes' lead malware intelligence analyst Chris Boyd, who suggested the key is to ensure passwords are limited to one per account.

"This is another good argument for making use of password managers, and especially those with built-in functionality to check current passwords against lists of data breaches," said Boyd. 

"If you recognise any of your passwords in the haul, you should stop using it immediately and perform a little behind the scenes maintenance as soon as possible."

Although nowhere near on the same scale as the Collection #1 incident, Reddit suffered a security scare last week after force-resetting the passwords of a large, indeterminate number of its users.

The microblogging platform wouldn't confirm whether this was precautionary, or reactive, but suggested it was done because they detected that users had either employed simple passwords or were engaged in password reuse.

A computer science professor Alan Woodward, meanwhile, previously suggested the best passwords are those which you can't remember, while claiming there is evidence to suggest that using longer phrases are easier to crack.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download


Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
16 ways to speed up your laptop

16 ways to speed up your laptop

13 May 2022
How full-stack observability can accelerate IT innovation

How full-stack observability can accelerate IT innovation

3 May 2022