I follow a number of infosec and cybersecurity pros on Twitter, and one from Kim Crawley caught my attention.
I learned that 1.5 billion email addresses and passwords have been leaked, and circulating around the internet right now. Here's the tool where you can check to see if your info has been compromised. Input your email address and other details to see if your passwords have been comprimised: (This is not related to Steem accounts)
https://nosecrets.peerlyst.com/
From Peerlyst, the site that published this info we learn:
What’s really striking about this data breach, other than how massive it is, is that the database of leaked data wasn’t published on the Dark Web as usual. It was found on the bittorrent networks, like seasons of Orange is The New Black and entire pop star discographies. The leaker wanted these records to be distributed to as many people as possible. Why?
I would advise you to change your passwords to gmail right away if you find that your address is listed in this current dump. And if you don't have Google Authenticator 2FA set up on your gmail accounts, do so right now.
But please NEVER USE SMS text messages as your 2FA.
Only use Google Authenticator app (Android and iOS) and Yubikeys, which are physical keys. You can also use your Trezor as a Two Factor Authentication key device for your accounts.
People, this is worth educating yourself about. Crypto is only as good as your security habits. Take time today to understand how to protect yourself, and you will sleep better.
I have written some guides about Two Factor Authentication and how you need to get rid of using SMS text messaging as your 2FA, because this is how people are getting hacked. Google Authenticator is a good 2FA to use, so switch to this as soon as possible. Read more from my article here: https://hackernoon.com/what-the-heck-is-u2f-35cb68082dbe
This update has nothing to do with Steem accounts, just email and other accounts, as far as I know.
Thanks for reading,
Stellabelle
Thanks @stellabelle ;-)
Another tool to check if your secrets were compromised is https://haveibeenpwned.com made by Troy Hunt, and of course 2FA is the must have in nowadays ;-) no excuses!
thanks for the added resource.
Ok
Mine was on the list. I use 2factor authentication, but it looks like its time to change some passwords. Thanks @stellabelle!
Thank you for this information ...I did a search and fortunately my accounts do not appear in this data...
Am happy about this info. Am one of the people using SMS as a 2FA factor I thin i have to change that right away and also check the list if my mail is not among. Thanks**
I couldn't figure out how to use the tool you provided but the haveibeenpwned one seemed to work, thanks for the heads up!
edit: your tool worked on my second try, thanks!
Sangat menarik
@stallabelle thanks for this great information, there have much stories of emails been breached of recent.
Oh my gosh!!! Why is this happening, let me check mine ASAP!
thankyou so much for alerting all users! I'd definitely go check mine but I'm hoping that I won't find my email address there but nevertheless, changing passwords now should still be done anyway. better be safe than sorry
Thanks for the info. Found out one of my emails had been compromised so I immediately change the passwords and will look to migrate away from it.
yeah, goood......This info was posted about 23 hours ago, so it's still very new...
Thank you @stellabelle for your important concern .....
Thank you for this message! I checked it out and some of my emails accounts seem to be leaked. More specifically 3 of them! all of them on January.
But I haven't used them in a long time. The email accounts that I currently use seem to be fine...
I just checked as you said and wow,my email is safe....Am going to set Google Authenticator straight away.
Av always trusted Gmail to have one of the best security system. Not withstanding of the fact that mail breach happens all time, am not always scared of my Gmail Account cos of its strong security system.
Thanks for the security conscious info, av got to heed to the warning ASAP.
actually many Gmail account passwords are leaked.
Thanks for putting this out stella! I'm shocked!
1.5 billion that is unbelievable.
yeah, it's insane that it is not on front page news......
I just checked mine, everything is fine.. Thanks for sharing @stellabelle
I think am fine, but even then I'll advice everyone to change their password now, whether your email appeared to be leaked or not. Thanks @stellabelle for this timely information.
Thanks @stellabelle I'm changing it right away before confirming. I have this habit of changing it once in a while though.
Thanks @stellabelle I know this comment is not adding much value but I wanted to just say thank you because if it wasn't for your post, I would not have found out about it. xx
I always use 2FA, lemme quickly check the link to see if my email ends up there.
Very timely info. thanks for sharing.
Keep on steemin'
Hello @stellabelle I miss you.
Find yourself here:
https://steemit.com/creative/@askmee/all-my-friends-drawing-above-my-bed-find-yourself
I wish you like it
I am lucky mine wasn't leaked.
I can't believe anyone still uses gmail at all - evil-doers doing evil things run that "service."
so what do you use these days pray tell!?
zoho :)
Well, my email shows up in that database, but are you necessarily suggesting that my password is therefore also is in that database!?
nosecrets.peerlyst.com does not say much of anything about the results it is offering. An email address is easy enough to harvest from anywhere - but the password too??
Thank you for the heads up!
I did a quick check of my gmail name, and nothing popped up thank goodness.
This is an older post (i.e you can't vote on it), but has laid out some good tips that may help with security: https://steemit.com/crypto-news/@cryptonik/please-aware-of-this-hack-secure-your-cryptos
Thank God..mine was not in the list...thank you for this info..
i am lucky mine wasn t leaked,,,,
Let us protect our accounts!