You might not think about it, and you may not be looking to buy it, but there are those who go out and hack, find, and then sell your information. Among these include your email and passwords.
Earlier this year (Jan 2019), on some of the underground forums, a huge collection of passwords and other data was listed as for sale. A hacker posted 773 Million emails and over 21 Million passwords.
With this sale, there was good news and bad news.
The good news was a lot of this data was older from old hacked sites, some going back to 2008. Hopefully people had changed their passwords since then! However, we don’t know when all the data was found, or how new some of it might be.
The bad news was that this was supposedly only part of their collection. There are supposedly three more collections like this, which would make this the largest collection of data sold. This first collection totals approximately 87GB of data!
So where do they get this data? Well that’s a good question. Often it is from where they have hacked other websites and stolen data. From there the hackers can sometimes reverse engineer the data so they can figure out the password. Other times the hacked site didn’t store data in a safe manner, and the passwords were exposed. Of course there are other ways to collect data as well, from viruses, to phishing schemes, to poor document management.
Either way, always be vigilant looking for potential issues, and if you see something suspicious, change your password(s).