16 billion login credentials leaked in world's largest data breach

[Mayor of ogba]

I don't know if someone has posted the same topic here, but if this topic is already existing here, just let me know so that I will post it as a comment on the thread.

I stumbled upon this sad news on Facebook, and I thought it would be a nice thing if I shared this sad news among my brothers and sisters so that everyone could be guided and take action where necessary to avoid any loss to scammers. You can change your password where necessary and add 2FA to deny unauthorized persons to have access to your account.

Link to the news: https://www.facebook.com/share/p/16Ry5oAh76/

[Charles-Tim]

It has been posted on the general board but not yet posted on the local board. It is also good for people to avoid malware which is the reason most people can be affected.

You can change your password where necessary and add 2FA to deny unauthorized persons to have access to your account.

It is good to also avoid those Google and Authy 2FA that encourage online backup of 2FA secret codes.

[Josefjix]

Wait, this just making me thinking something right now, is it the reason my Microsoft mailbox that was tied with 2FA authentication just got disabled yesterday? I tried to enable it again but it didn't allow me.

Should Microsoft mailbox be one of the platform that got this breach of data, I'm just thinking 🤔

[Felicity_Tide]

I just replied to the other thread before it was moved.
16 billion data breached isn't a small figure, and imagine a country like Nigeria where people don't even bother to read terms and conditions, or agreement about the platforms that they are registering an account with. You can imagine how vulnerable and exposed so many Internet users are to phishing attacks and malware download, that has been linked to the Infostealer as stated in the article.

And here is a quick opportunity to address those who come across ads that says, "Click this link to receive $1 million now". I hope we all understand the danger behind using such links. Let's stay safe.

It has been posted on the general board but not yet posted on the local board. It is also good for people to avoid malware which is the reason most people can be affected.

It was just moved to off-topic section.

~snip

Should Microsoft mailbox be one of the platform that got this breach of data, I'm just thinking 🤔

From the original article that I read, and AFAIK, the breach doesn't apply to the companies issuing the service. The whole thing is tied to the user, and the whole operation was traced to what they call Infostealer malware, which I'm not sure if it is a particular type of malware, or a general name given to malwares that are use in stealing information.

[promise444c5]

Okay cool, we finally have a lead on the target for this attack.
It stated ogin credentials. Everyone should start acting as soon as possible. If your password is weak, go change it to a more sophisticated one, preferably mixed types of characters and signs.

We're not sure what could happen next, but if you have a weak password and are a likely target, your hashed  password could be brute-forced,not saved so  It's good you start acting now.

Don't forget Gmail is part of this if you're also using Google Authenticator to strengthen your account, an  access to your recovery  email account  gives up everything..

[Mia Chloe]

I stumbled upon this sad news on Facebook, and I thought it would be a nice thing if I shared this sad news among my brothers and sisters so that everyone could be guided and take action where necessary to avoid any loss to scammers. You can change your password where necessary and add 2FA to deny unauthorized persons to have access to your account.

Op you should resize your image. A bigger image doesn't necessarily send a bigger illustration it makes the post less appealing to read. That aside in relation to something like this too I came across a blog a couple weeks ago saying that apple was allegedly filed for privacy breach and was filed to pay their users for damages. I didn't look much into it since most blogs can't be trusted but I don't know how true it is.

Okay cool, we finally have a lead on the target for this attack.
It stated ogin credentials. Everyone should start acting as soon as possible. If your password is weak, go change it to a more sophisticated one, preferably mixed types of characters and signs.

On a real life scenario if these companies were hacked on a high scale including data breach, changing your password is of no use because an administrator doesn't need to brute force to access everything.

[Hewlet]

I stumbled upon this sad news on Facebook, and I thought it would be a nice thing if I shared this sad news among my brothers and sisters so that everyone could be guided and take action where necessary to avoid any loss to scammers. You can change your password where necessary and add 2FA to deny unauthorized persons to have access to your account.

one thing is certain and that is the fact that data safety will continue to be an issue that we will continue to deal with for a very long time because the ways that your data can be exposed to the wrong hands is too many. if 16 billion login credential is being bridged, then it only means that the majority of internets users data has been bridged. if it is a matter of some of our private information like chats being exposed, the that is not much of a big deal but the issue is with regard some persons that might have stored there asset on an exchange or might have some valuable information on one of the hacked database, it is a serious thing of concern. the issue of changing passwords might not be all too effective if the hack also gets to the back end of most of the platforms we are using, you might still change a password they can easily get access to.

[Mayor of ogba]

It has been posted on the general board but not yet posted on the local board. It is also good for people to avoid malware which is the reason most people can be affected.

You can change your password where necessary and add 2FA to deny unauthorized persons to have access to your account.

It is good to also avoid those Google and Authy 2FA that encourage online backup of 2FA secret codes.

Hi Charles-Tim, you just said it is good we avoid Google and 2FA that encourage online backup of 2FA secret codes without telling us the reason why we should do that. It would be better if we knew why installing 2FA that encourages online backup of 2FA secret codes is bad so that everyone can learn and be guided on the best extra layer of security to add to our accounts.

[Charles-Tim]

Hi Charles-Tim, you just said it is good we avoid Google and 2FA that encourage online backup of 2FA secret codes without telling us the reason why we should do that. It would be better if we knew why installing 2FA that encourages online backup of 2FA secret codes is bad so that everyone can learn and be guided on the best extra layer of security to add to our accounts.

You backup the 2FA codes online for example Google 2FA. If the hacker can access your email, the hacker has access to the 2FA codes already. If you backup your password online also, then there is nothing that remains to access your funds on most platforms that you used the 2FA, the hackernhas everything needed except if sim authentication is mandatory but which is not mandatory.

[Mayor of ogba]

Hi Charles-Tim, you just said it is good we avoid Google and 2FA that encourage online backup of 2FA secret codes without telling us the reason why we should do that. It would be better if we knew why installing 2FA that encourages online backup of 2FA secret codes is bad so that everyone can learn and be guided on the best extra layer of security to add to our accounts.

You backup the 2FA codes online for example Google 2FA. If the hacker can access your email, the hacker has access to the 2FA codes already. If you backup your password online also, then there is nothing that remains to access your funds on most platforms that you used the 2FA, the hackernhas everything needed except if sim authentication is mandatory but which is not mandatory.

Yes, this is true. Thanks for sharing this vital information; it will serve as a guide for people who aren't aware of this to take the right measures to protect their password and account.

[nelson4lov]

It is good to also avoid those Google and Authy 2FA that encourage online backup of 2FA secret codes.

Yeah, good advice.

Only problem is that we get to sacrifice convenience for mlre security. As someone that used Authy for years without any issue, I'm beginning to start migrating my 2FA data to alternative services with no cloud backup for 2FA.

Most people don't know this but Authy had an issue in the past where 2FA data can be accessed if multi-device support is enabled in settings. There's been no issues in the years that followed but it's always better to be safe than sorry.

If you can, share your preferred 2FA service and some best practices so other members can learn. I'm curious to learn as well.

[Egii Nna]

I don't know if someone has posted the same topic here, but if this topic is already existing here, just let me know so that I will post it as a comment on the thread.

I stumbled upon this sad news on Facebook, and I thought it would be a nice thing if I shared this sad news among my brothers and sisters so that everyone could be guided and take action where necessary to avoid any loss to scammers. You can change your password where necessary and add 2FA to deny unauthorized persons to have access to your account.

Link to the news: https://www.facebook.com/share/p/16Ry5oAh76/

This is very sad news tho but we need to be very more cautious about our actions about data security from now on because hackers might use this opportunity to exploit our data and do what is very terrible with it.

But does this data breach also affect exchange platforms?
If yes then this is a very concerning situation because if your login password is breach then you are vulnerable to scams and the best thing to do is to change your passwords ASAP

To my fellow Nigerian brothers make una dey read messages before giving permission again oo because it might be that the hacker jus needs your permission to scam you and you go jus unknowingly fall for the trap.

[IjawMan]

And here is a quick opportunity to address those who come across ads that says, "Click this link to receive $1 million now". I hope we all understand the danger behind using such links. Let's stay safe.

Isn't it most elevated height of stupidity that you should have to agree to click a strange and unfamiliar link as condition to receive money you did not do anything for to earn. You didn't play lotto. You didn't offer a service of any type to any entity and you just click and win $1 million. Please man, is there another word much heavier than the word "greed", cos that person na thief oh.

Greed and naive way of thinking has been a big issue for plenty online users which has led them to easily fall for the cheapest scam that common sense could have saved them to escape from.

[Agbe]

I think that in this computer age where we find ourselves one major problem that we have been face with is security of our vital information when dealing online am one person who believes that privacy online is one that that is not safe because every sites that you visit their is a central system that every detail of anyone who visites that place will be stored making it vulnerable to hackers and if anyone successfully hacks into such sites alot of details will be compromised