More bad news: your password has likely been leaked online.  This recently announced breach, dubbed “Compilation of Many Breaches” (COMB), doesn’t appear to be a new breach; rather, as the name suggests, it’s a compilation of multiple breaches.  Unique to this breach, the mammoth compilation of hacked data was shared on a hacking forum as an interactive database, with built-in scripts for finding and sorting login data.

COMB is made up of compromised email and password combinations exposed by around 252 previous breaches, including from major sites like Netflix and LinkedIn.  Roughly 3.2 billion unique email and password pairs have been effectively shared online.

What Should You Do?
There are a number of things you can do now to protect yourself from any COMB related threats:

  • Change all potentially effected passwords.  You can visit www.haveibeenpwned.com to see if your email has been compromised.  If so, change the password immediately.
  • Enable two-factor authentication on all available accounts, starting with the most important.  This way, even if an attacker has your username and password, they won’t be able to get into accounts.  Watch this 3-minute video to learn more about 2FA.
  • Consider a Password Manager.  It’s almost impossible to remember hundreds of login/password combinations.  A password manager stores all of your passwords in a single account, accessible with one master password.  We highly recommend using LastPass.

Have any questions or need additional information?  Contact a member of the BMT for assistance.