Click to Skip Ad
Closing in...

Your email and password were probably posted online in the mother of all data leaks

Updated Feb 11th, 2021 5:57AM EST
Data breach
Image: James Thew/Adobe

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

  • Hackers recently posted more than 3 billion user credentials online as part of a massive data breach compilation of emails and passwords.
  • Read on for a way to check and see if your email and password combination was part of this published trove.
  • If they were, there are also some easy steps you can take to protect yourself.

We’re barely over a month into 2021, and already hackers have been hard at work this year racking up one massive data breach and systems intrusion after another. National headlines were generated in recent days, for example, upon word that a hacker used Teamviewer to try to poison the water supply of a Florida town. And just a few days ago, we reported on what might be the biggest-ever compilation of hacked user credentials ever posted on the Internet before.

Dubbed the “Compilation of Many Breaches,” or COMB, this data set includes 3.2 billion email-and-password combinations posted online. It’s not the result of a new hack — rather, these are credentials that had been stolen as part of previous breaches and leaks from companies like Netflix and LinkedIn. The size of this published data set, though, means at least one thing: At least some of your data is almost certainly caught up in this trove. But there’s good news, too.

Normally, when people hear about a new hack or data breach of some kind — like the credit card numbers and other personal data of a hotel chain’s guests being stolen, for example, or an email service provider getting hacked — there’s not always an easy way to see if you were caught up in the net. Customers are just given vague warnings about keeping an eye out for suspicious activity on your accounts and bills, change your passwords, and that kind of thing.

With this data leak, though, the good news is that the news outlet CyberNews has a searchable database where you can easily check and see if your email credentials have been posted as part of these recent data breaches that led to the COMB publication. All you need to do is head to this link, and you’ll see a black box with a prompt at the top of the page.

You’re asked to simply enter your email address, and then CyberNews will tell you if your account is part of the database of more than 15.2 billion breached accounts it’s found, along with more than 2.5 billion unique emails. The danger here, of course, is that if your email is part of the data set, hackers could start trying to phish you or harass you with spam — or, even worse, try to steal your identity.

Here are some of the steps you can take to protect yourself:

  • Use 2-factor authentication for your email account.
  • Change your password right now, and do it regularly going forward.
  • And use a solid password manager service to protect your accounts.
Andy Meek Trending News Editor

Andy Meek is a reporter based in Memphis who has covered media, entertainment, and culture for over 20 years. His work has appeared in outlets including The Guardian, Forbes, and The Financial Times, and he’s written for BGR since 2015. Andy's coverage includes technology and entertainment, and he has a particular interest in all things streaming.

Over the years, he’s interviewed legendary figures in entertainment and tech that range from Stan Lee to John McAfee, Peter Thiel, and Reed Hastings.