|  Updated: 

The world’s biggest data dump: How do I find out if my email was caught in the Collection #1 hack?

More than 722m email addresses and passwords were uploaded to the internet on Wednesday, in what is being referred to as the world's biggest data dump to date. 

Known as Collection #1, the dump was discovered by security researcher Troy Hunt, who is also the owner of hack-checker website HaveIBeenPwned.com. Initially uploaded into a hacking forum, Hunt pulled the addresses out of the trove of data in order to create a resource for those wishing to see if they've been affected.

Those email and password combinations are now readily available for anyone to steal, so here's how to check if you're one of the 722,904,991 unlucky people, and how to prevent it happening again.

Step 1: Check

Go to HaveIBeenPwned.com and enter your email address. Hunt's handy tool will help you see if you've ever been included in one of the many hacks that the internet has suffered over the past few years.

It'll tell you when and which hack you may have been a part of, including Collection #1. 

You can also enter specific passwords to see if any of those have been breached, but even if it's just the email address, it's better to be safe than sorry and move on to the second step…

Step 2: Secure

If your email was caught up in the hack, the first thing you should do is change your password. Most hacks will have also taken your password along with your email address, and hackers use this information to stuff your credentials into any site that they think you might have an account on.

If successful, they'll be able to log into a website as you and take advantage of your personal information.

If you're feeling nervous, you'll be able to check your most recent sign-in history with most email providers and websites to see if there's been any suspicious activity.

Step 3: Authenticate

In order to protect yourself against future hacks, you should activate two-factor authentication on all your online accounts where possible.

This adds another step to your log-in process, usually by asking you to type in a code that's been texted to your mobile phone, answer a security question or click on a link sent to a separate email address.

You can also make your new password stronger, by using a randomly-generated password from a password manager service. Popular choices include 1 Password and Lastpass, which will suggest a password to you and then store it securely for future reference.

You might even already have signed up to one of these, as both Apple and Google operate password manager services inside the Safari and Chrome browsers.

Subscribe

Subscribe to the City AM newsletter to have our top stories delivered directly to your inbox.

Subscribe
By signing up to our newsletters you agree to the Terms and Conditions and Privacy Policy.