According to Troy Hunt from troyhunt.com a huge file dump with lots of data was found on the free, public, anonymous hosting service Kayo.moe. They files contain information like email addresses, clear-text passwords, partial credit card data, Spotify details, and different logs.
If you are thinking that there was an enormous data breach somewhere, hold your horses. Apparently the files were not stored in a unified file format and even the Spotify details don’t mean that the music streaming service was hacked. All in all everything indicates that this is just a very huge collection of user data from different sources, conveniently packed for some cybercriminals to be used in their next endeavors.
Now a lot of people might wonder who is at risk and why breaches – or even only data collections like this one – are dangerous. The reason: Password re-usage. A lot of people are lazy and reuse their passwords for several accounts. This is basically exactly what cybercriminals are hoping for. They will just try and enter the username/password combination at a lot of different well known services in order to break into the accounts and wreak havoc.
42 million records is a lot. Not all of them are new though: According to troyhunt.com 93% of the data in the files were already in databases like the one of the Identity Scanner and similar services. Nonetheless you should make sure that your user information is not among them. To do so:
If you see the message “Your personal data has been compromised” you should take action immediately.
Your password was in a recent (or not so recent) data breach? Then you should change it immediately by following the below security tips:
If you have trouble coming up with a good, strong, and complex enough password you can always use a good Password Manager to help you out.