Change your email password now! More than 700 million account details are leaked in the biggest spambot dump ever
- Australian computer security expert Troy Hunt was the first to raise the alarm
- His website Have I Been Pwned lets you check if your details have been leaked
- The data leak is believed to have originated with a Dutch spambot called Onliner
- Cyber criminals allowed visitors to their servers to download their database.
More than 700 million email addresses and a number of passwords have been leaked in what could be the biggest spambot dump ever seen.
The data dump is believed to have originated with a spambot called Onliner in the Netherlands.
The information was leaked after cyber criminals allowed visitors to their servers to download their database without needing a username or password.
Users of affected accounts are advised to change their passwords as soon as possible to avoid being further compromised.
Scroll down for video
One of the largest data breaches ever has led to more than 700 million email addresses and a number of passwords becoming publicly available. A spambot has leaked more than 700 million email addresses in massive data breach
You can check if your account has been compromised here.
He was the first to raise the alarm over the data dump.
The bot behind it is designed to spread malware that steals bank details and causes people's devices to transmit the virus, as well as pumping out spam messages used by internet criminals in online scams.
Mr Hunt said that the 711 millions records leaked 'makes it the largest single set of data I've ever loaded into HIBP.'
Writing in a blog post today, he added: 'Just for a sense of scale, that's almost one address for every single man, woman and child in all of Europe.
'The first place to start is with an uncomfortable truth: my email address is in there. Twice.
'Finding yourself in this data set unfortunately doesn't give you much insight into where your email address was obtained from nor what you can actually do about it.
Shown here is a a screenshot from the server being used to store the sensitive private data. The screensshot was taken by Troy Hunt, an Australian computer security expert
'I have no idea how this service got mine, but even for me with all the data I see doing what I do, there was still a moment where I went "ah, this helps explain all the spam I get".'
The leak also contained millions of passwords, which may have been collected in an effort to break into email accounts and turn them to spam.
The majority of the passwords in the latest security breach appear to have been collated from previous leaks.
Mr Hunt runs the Have I Been Pwned site, where which lets you check whether your account has been breached by leaks. Email addresses that are unaffected will result in this screen being displayed
Users whose accounts have been breached will see this screen, which also lets you check details of when the breach occurred and if your email address has been pasted publicly on sites like Pastebin
For instance, one set mirrors the more than a million passwords stolen from LinkedIn in 2012.
Although there are more than 700m email addresses in the data, the number of genuine accounts may be far lower.
Many of the addresses were duplicates and variations on a particular domain, perhaps based on previously 'scraped' data which can be automatically extracted from public websites.
Some were seemingly guessed at by the spammers by adding a prefix to a domain name, for example email@example.com.
Read more: http://www.dailymail.co.uk/sciencetech/article-4836496/More-700-million-email-addresses-leaked-spammers.html#ixzz4raPQ8qYn
Follow us: @MailOnline on Twitter | DailyMail on Facebook