What You Should Know About the COMB Data Leak
GUEST BLOGGER
Ron Cresswell, J.D., CFE
Research Specialist
In February 2021, an enormous compilation of breached user data was posted on a popular online hacking forum. Known as the Compilation of Many Breaches (COMB), the data leak is believed to be the largest compilation of its kind. The COMB data leak is so big, in fact, that it could include the data of 70% of internet users worldwide.
What is the COMB data leak?
On February 2, a user known as Singularity0x01 posted a .ZIP file on RaidForums, an online forum used by hackers and cybercriminals to share leaked data. The file, entitled “Compilation of Many Breaches (COMB) 3.8Billion (Public),” contained billions of usernames and passwords. Users of RaidForums were required to make a small payment to view the file.
An online publication called Cybernews.com was the first organization to publicly report the COMB data leak. After analyzing the data, Cybernews determined that the COMB data leak contained more than 3.2 billion unique pairs of email addresses and passwords, including approximately 200 million Gmail addresses and 450 million Yahoo! email addresses. Importantly, however, the data contained in the COMB data leak is not the result of a new data breach. The COMB data leak is a compilation of credentials collected from past data breaches involving Netflix, LinkedIn, Hotmail, Yahoo, Bitcoin and other companies.
Although the COMB data leak does not contain new information, the size of the leak makes it significant. The COMB data leak is more than twice as large as a similar breach compilation posted in 2017, which leaked 1.4 billion credentials. According to Cybernews, “…when considering that only about 4.7 billion people are online, COMB would include the data of nearly 70% of global internet users (if each record was a unique person).”
In other words, it’s likely that the COMB data leak contains a username and password combination that you use or have used in the past.
What are the potential threats?
The COMB data leak creates several potential threats. Since people tend to use the same credentials for multiple websites, the leaked COMB credentials can be used to gain access to other accounts. For example, a cybercriminal might use leaked Netflix credentials to attempt to log in to Gmail or major banking websites. Many hackers use leaked credentials to engage in credential stuffing, which relies on software to send thousands of automated login requests to selected websites. The leaked COMB credentials could also be used in spear-phishing schemes.
What can you do to protect yourself?
To protect yourself from the threats posed by the COMB data leak, you should take the following actions:
Determine whether your data is included in the COMB data leak by searching a free data leak database, such as the Cybernews personal data leak checker or Have I Been Pwned.
Change any password that shows up in a data leak database. Even if your passwords were not compromised, all passwords should be changed regularly.
Do not use the same username and password combination across multiple accounts. Create a unique password for each account. Most cybersecurity experts recommend using a password manager to create and store strong passwords.
Enable multifactor authentication on every account that offers it.