Threat Watch

Mega Cloud Dump Exposes 87GB of Data

Collection #1 includes over 12,000 files totaling 2,692,818,238 rows of email addresses and passwords and was hosted on the cloud service MEGA. In total there were 772,904,991 million unique email addresses, 21,222,975 million unique passwords, and 1,160,253,228 unique combinations of email addresses and passwords.  As for the unique passwords, the researcher that was tasked with de-hashing them stated “As with the email addresses, this was after implementing a bunch of rules to do as much clean-up as I could including stripping out passwords that were still in hashed form, ignoring strings that contained control characters and those that were obviously fragments of SQL statements. Regardless of best efforts, the end result is not perfect, nor does it need to be. It’ll be 99.x% perfect though and that x% has very little bearing on the practical use of this data. And yes, they’re all now in Pwned Passwords, more on that soon.” An unnamed hacking forum was where the data was found being socialized. Since the news of the dump, the data has been removed from MEGA’s cloud service.

ANALYST NOTES

Since it is not known yet who gained access to the data, it is difficult to predetermine what may be done with it. To aide on the side of caution, users should change their passwords on any email addresses they currently use as well as enable two-factor authentication if they have not done so already. Be aware more of spam and phishing attempts to come from this breach since passwords were already found in previous breaches.