You may think you’re untouchable with data breaches and that they’re no big deal – you’ve been worried before, and nothing ever came of it. But the COMB data breach is different. More than 3 billion password and email pairs were affected in the COMB (Compilation of Many Breaches) data breach.
COMB Data Breach Reach
The most interesting thing about the COMB data breach is that it’s not a new breach. This effort pools user data that was stolen from earlier breaches of services such as LinkedIn and Netflix.
Once you start to realize the full breadth of this new effort, it’s eye-popping. Other breaches included all the users’ data of a site or an app – this one includes users’ data of many services.
This is precisely why it’s suggested to not use the same password for multiple sites/services. If you used the same one for perhaps 10 sites/services, and if one of those sites/services were breached, now the cyber thieves have access to all 10 of those accounts.
The COMB data breach may be the biggest-ever collection of stolen user data. Just one of the included breaches involves data stolen from the LinkedIn data breach in 2012 that involved 116 million accounts.
Moving Forward
If you’re now worried that your email and password combination is included in the COMB data breach, you can head to this Cybernews link and input your email.
If your email appears there, it means it and one or more of your passwords is part of this large collection and can be used for phishing attacks and email scams. Undoubtedly, it’s a complete pain to do so, but the recommended action is to change your password on any account that uses that email.
It’s best at this point to finally use a different password for each one. You can use a third-party password manager, a browser password manager, or a built-in service with your operating system that creates strong, complicated passwords and remembers them. Optionally, you can also use another service like Google, Facebook, or Apple to sign in wherever those options appear.
Remember: there’s nothing you can do to remove your info from the COMB data breach or any other attack, so it’s best to just make sure you don’t land there to begin with.
Laura has spent nearly 20 years writing news, reviews, and op-eds, with more than 10 of those years as an editor as well. She has exclusively used Apple products for the past three decades. In addition to writing and editing at MTE, she also runs the site's sponsored review program.
Because of the countless breaches of various databases over the years, it can be assumed that by now every email address and every password ever created has been compromised. The only remedy is to create new addresses and new passwords.
“You can use a third-party password manager, a browser password manager, or a built-in service with your operating system that creates strong, complicated passwords and remembers them. ”
That is not going to help much. The individual user’s PC may be locked down tight. However, the email/password pairs also exist on corporate databases and it is there that they are exposed to breaches because the databases WERE NOT locked down securely, or securely enough. There is ABSOLUTELY nothing individual users can do to prevent those breaches since users have no input into how corporate databases are secured. Ex: 140 million records were stolen from Equifax. Those records were collected by Equifax not from the users directly but by scraping other financial databases without users’ knowledge or permission.