Go to top of page

773 million accounts affected by ‘Collection #1’ breach

Priority Level: 
High
18 January 2019

What’s happened?

The Australian Cyber Security Centre (ACSC) is aware of a significant data breach affecting 773 million email addresses and usernames.

Titled ‘Collection #1’, the data breach was made public by Australian cyber security expert Troy Hunt, who identified that a large collection of email addresses, hashed and plaintext passwords had been distributed on a known hacking forum.

Does it affect me?

Unlike other data breaches, this breach cannot be tied down to one site. Instead it appears to comprise multiple breaches across a number of websites/services. To find out if your email has be compromised visit the Have I Been Pwned service managed by Troy Hunt.

How do I stay safe?

There are a few simple steps you can take to help keep your information safe:

• Use a strong password and don't re-use the same password on multiple websites.

• Change your password on any accounts where you may have used the same email and password combination.

• Use multi-factor authentication where available to give your accounts an extra layer of security. 

If you are concerned that your personal information has been compromised and misused, you can contact Australia's National Identity and Cyber Support Service, IDCare or use their free Cyber First Aid Kit.

If you have been a victim of a cybercrime such as fraud, report it to the Australian Cybercrime Online Reporting Network (ACORN).

More information

Stay Smart Online has more information on creating strong passwords, using two-factor authentication and protecting your personal information online.