At this point, it seems like every single big-name company with a web presence has been hacked at least once, and while archives of usernames and passwords pop up and create a scare from time to time, it’s easy to forget that those lists live on forever online. Now, a security researcher has spotted an absolutely massive “combo list” of logins that includes over 500 million login credentials gathered from a number of known leaks, and it’s yet another reminder to change your usernames and passwords as often as possible.
The dump — spotted by Bob Diachenko and confirmed by Troy Hunt, who set up the extremely useful login hack-checker site Have I Been Pwned — currently resides on a cloud server with an unknown owner. The database is absolutely enormous in size and scope, containing logins from Tumblr, Adobe, MySpace, LastFM, LinkedIn, Dropbox, and many others. It weighs in at a seriously impressive 75 gigs, making it one of the largest collections of logins ever to leak.
To be clear, the dump doesn’t appear to contain any personal information that hasn’t already been widely publicized, and if you’ve already done your due diligence and swapped out your login details across the board, you probably don’t have anything to worry about. However, if you’ve somehow missed news of one of the many leaks included in this archive, there’s a really fantastic chance that your logins are about to be tested yet again, so it’s a really good idea to go through and switch them up (and enable two-factor authentication, if possible) just to be absolutely safe.