The internet is not a safe place at all. If you are in here, you are at the risk of one thing or another all the time. Security researchers have come across a huge spam list containing over 711 million email addresses.
The spam list uncovered by Benkow, a Paris-based security researcher, is the largest ever single data set to be loaded into Have I Been Pwned (HIBP). The data set comprises two lists, one of them only has email addresses while the other one is right from our nightmares having both addresses and passwords.
Troy Hunt, a computer security researcher, obtained the list of compromised email addresses from Benkow and uploaded it on his website. The largest data set that he had uploaded to the server before only contained 393 million addresses. Troy Hunt gives an idea of the size of the set writing,
“for a sense of scale, that’s almost one address for every single man, woman, and child in all of Europe,” on his website.
Processing the largest list of data ever seen in @haveibeenpwned courtesy of a nasty spambot. I'm in there, you probably are too.
— Troy Hunt (@troyhunt) August 28, 2017
A machine called “Onliner Spambot” harvested all this data and led Hunt and Benkow to an IP address listed in the Netherlands. Law enforcement has been notified to shut down the spambot. Authorities have taken no action so far, so it is up to you to keep your email addresses secure.
Go to HaveIBeenPwned.com and check if your email address is on the list and if so, change your password immediately. If you have used the same email address to sign up for some websites, then consider changing your password for all of them.
This is almost as if someone got a copy of your house keys, so now you need to change all the locks in the house. As much of a prick as that might be, you gotta do what you can do!