The Massive “Collection 1” Data Breach & What You Can Do
“Collection 1” sounds like an innocuous phrase. Scary truth? It’s a data breach involving over half a billion passwords from thousands of servers Collection 1 deserves our concerned attention. Business Insider reports that 773 million passwords were exposed and collected in this archive, and chances are some of yours are in there too, spanning across years of random site sign ups and even your personal email.
This log was collected from a span of different companies, and grouped together into one massive leak. First uploaded on file sharing website Mega, it was quickly taken down due to its content, but naturally, re-uploaded some time later to other sites. While not easily searchable, the fact that this archive is online and available should be alarming to many due to its sheer size.
Second only to the 3 billion passwords leaked from Yahoo a few years ago, Collection 1 is a grim reminder to Internet users to make sure they know where their data is being stored. It’s also a wake-up call as to just how many potentially unsafe passwords we’re using on websites without top notch security. Inputting even just your email address can be a gateway to future breaches on websites you don’t visit very often, or that aren’t often updated with the latest security features.
HaveIBeenPwned.com offers a small search tool that lets you see if your passwords or emails have been “seen” in any recent data breaches, so you can input your information there to quickly check. If you’re skeptical of putting even more of your information out there, go through this short security list of check ups:
- Change your oldest or most insecure passwords.
- Consider two step authentication, where the site will send you a text message or email with a proprietary code to input with your password. This extra security layer will deter a majority of unscrupulous login attempts.
- Best yet, delete or otherwise remove accounts from old websites you don’t use anymore, so that your data isn’t just floating out on the internet for years.
Unluckily enough for us, the use and abuse of customer data can be easily leveraged by corporations. Many companies have long since taken proactive steps to try and get ahold of what is essentially the largest marketing tool to ever exist: your data. This can be anything from public information like your phone number, address, or email, or as personal as your medical records, social security or job information.
Apple’s CEO Tim Cook suggests an alternative to the current glut of companies essentially swallowing data whole. Instead of blindly amassing huge quantities of information, companies would need to broker their collections through a “clearinghouse” where there is transparency regarding when and how the data is used. This way, a customer or social media user can effectively see where their info is going, whether it be for marketing purposes, the company’s personal coffers, pretty much anywhere.
The Federal Trade Commission would be in charge of managing the project, and users would have the option to opt out or otherwise delete their data from the server. Cook is adamant about users being able to control the spread and implementation of their information, saying “This problem is solvable—it isn’t too big, too challenging or too late.”
In order for this data brokering to work, users must be educated as to the value of even seemingly harmless data about themselves, such as what products they like or use, not just their phone numbers and addresses. The sheer amount of information the biggest companies have on each of us is staggeringly difficult to quantify. This makes us targets for sometimes malicious advertising, as well as generally allowing other people into our lives with our permission.
Because of this, it’s important we educate ourselves and others about browsing the internet, mobile or desktop, safely, even anonymously. TrackOFF offers VPN services that allow customers to ensure that their data is stored and managed safely, as well as anonymously.
In order to create a better, safer internet environment for everyone, we must start taking our online privacy seriously. Making well-informed choices about who we give our data to is a good first step, and beyond that, we must also safely guard information that could potentially be used to get into the most sensitive parts of our lives. Until we do this, our data in someone else’s hands is just another security breach away.