National

800 million accounts hacked: How to find out if you're one of them

(WSPA) - Have you been hacked?

That's the question hundreds of millions of people are asking after a "dark web" list came to light this week with e-mails and passwords that have all been compromised.

That data breach list is called "Collection Number 1" and it includes nearly 800 million e-mail accounts and more than 20 million passwords.

The more things you've signed up for online the more you're at risk.

"If I went back through every single account that I made and deleted them all cause I never used them it would take days," said Nicholas Giaimo in Spartanburg. 

Still, Giaimo didn't imagine he'd be a part of any new breach, and yet when he checked, that's exactly what he found.

"I didn't really expect to see this at all," he said.

 In fact, all but one of the 15 people we asked to take a look had some sort of breach history associated with their emails, all but Olivia turner at USC Upstate.  Whatever her grades, she's a model student in cyber protection.

"My Dad always reminds me to change my passwords, keep it updated," said Turner.

So how do you check to see if you are part of a breach?  Just enter your email address into the site www.HaveIBeenPwned.com  (pronounced "Powned") and you'll see all the hacks that stole your account.
     
The latest, "Collection Number 1"  is also one of the biggest breaches or combination of breaches.

"If your account is on this list, what will happen is people will start signing into all kinds of services with that user name or that email address, and they'll use all the passwords combined and try to log into it over and over again," said Rob Gordon the Senior Information Security Engineer with USC Upstate.

The USC IT Department wrote some code this week to help people figure out if their USC password was also compromised.   You can do the same on the Pwned site.

What makes hackers so successful with this data is that many of us continue to use the same credentials for a lot of different sites that require sign-ups.

Not Turner.  She uses different passwords for all accounts, even a separate email address for financials.

"I feel good, I feel like I accomplished something.  Thanks, Dad," she said.

If you find yourself on that list, the first thing you should do is change your password immediately.

Also, consider setting up a separate email that you only use for financial and medical accounts.

And look into using a password manager like KeePass for your computer, or LastPass for your mobile, which can provide a lot more protection than reusing passwords.
 


More Stories

Meet the Team

Latest News - Local

Video Center