You may have noticed the news stories that over 700 million email addresses and, in some cases, the passwords have been leaked online.
It’s definitely the biggest leak that we’ve seen!
Many of the news outlets are directing people to a website called Have I Been Pwned. It contains a database of all the email addresses that have been compromised, and they are suggesting that you check to see if you’re there.
We checked the database with some of our email addresses and, sure enough, they are part of this leak!
But, what does that actually mean?
Journalists will have you believe that your passwords are published for all to see. It certainly makes for a good headline in the newspapers.
The reality may be somewhat different. In most cases, the database will only contain your email address – something that is easily findable on the internet (just look at the amount of sales/junk/spam emails that you get). The database is just that… a list of 700 million email addresses.
However, the news stories do report that some of the email passwords are available too. But, there’s no indication of how many of the 700 million also contain the password?
So, what’s our advice? Firstly, enter your email into the ‘Have I been pwned?’ website and see if it’s there. And, if your email address does come up in the database, then there’s no need to panic.
However, we also know that it’s very easy to change your email password – so why take the risk and hope that you’re OK? Instead, change your password, and use it as an opportunity to follow the latest password guidelines.
To learn how to choose a secure password take a look at our blog post ‘choosing a secure password‘.
Or watch our video:
And, if the results of the ‘Have I been pwned’ website show that some of your other details are compromised, then you might want to update those passwords too! (some of us appeared in the LinkedIn leak from 2012).