COMB data breach: what it means, and how to protect yourself

COMB data breach: what it means, and how to protect yourself

Andrew Zangre by Andrew Zangre on

In the Compilation of Many Breaches (COMB), more than 3 billion unique sets of login credentials have been shared online in what some say is the largest data breach of all time.

Though it seems that no new login information has been exposed, the compilation and sharing of so much data significantly increases the risk that previously exposed credentials could be used to gain access to online accounts – particularly where passwords have been reused.

With an event of this magnitude, it’s crucial to stay informed and take steps to prevent your online accounts being compromised, whether at home or at work. In a nutshell, that means changing affected passwords ASAP. We’re here to help.

What is the COMB data breach?

COMB is made up of compromised email and password combinations exposed by around 252 previous breaches, including from major sites like Netflix and LinkedIn. It’s the largest incident of its kind on record – far exceeding the 2019 Collection #1 data breach.

This mammoth compilation of hacked data was shared on a hacking forum as an interactive database, with built-in scripts for finding and sorting login data. It’s a veritable playground for hackers, who can automate credential stuffing attacks on individuals or groups to access services where exposed passwords have been reused.

If one of your passwords has ever leaked, and it’s one you’ve reused elsewhere, it’s a doorway for hackers to access those accounts. This is true even if the breached service is one you haven’t used in years.

Change all affected passwords

We encourage you to act calmly but quickly to protect yourself from any potential COMB-related threats by changing all affected passwords.

Rather than scramble to update dozens of different passwords, we recommend that you first check Watchtower for passwords affected by historic breaches, and passwords that have been reused. Because COMB is a re-sharing of data from historic breaches, Watchtower will identify credentials affected by this event. You should immediately change them.

After that, changing any other reused passwords to unique alternatives will help keep your accounts safe from future data breaches.

If you’ve already taken steps to change weaker passwords identified by Watchtower, the good news is that you’re already one step ahead. We recommend double-checking Watchtower for any new breaches affecting your accounts just in case, but it may be that your proactive steps have kept your data safe.

Support: Use Watchtower to find passwords you need to change; Change your passwords to make them stronger.

If in doubt, change it anyway

If you think a service you use has been affected by a breach but you don’t keep those login credentials in 1Password, you could search Have I Been Pwned for those passwords to see if they’ve ever been affected, but only if you’re 100% sure your internet connection is secure.

Our advice in this event would be to change the password in any case, ideally using 1Password to create a strong, unique replacement. Though Have I Been Pwned is the very service Watchtower integrates with to identify breached data, when using Watchtower all checks happen locally on your machine – we don’t send your passwords anywhere to make those checks.

Support: Get started with 1Password.

Set up two-factor authentication

Using two-factor authentication (2FA) is another great way to keep your data safe in the event of a breach. Because 1Password makes it easy to create and fill the one-time passwords you need, we recommend setting up 2FA wherever possible, starting with your most important accounts.

Again, Watchtower will identify sites that support two-factor authentication but where this hasn’t yet been set up. With 2FA in place, a hacker with your username and password will still struggle to gain access to your account.

Support: Use 1Password as an authenticator for sites with two-factor authentication.

Protect your company’s data with a domain breach report

If you’re a leader of your business, or responsible for IT or security, this event is a great reason to create a domain breach report for your company if you never have.

A domain breach report identifies any company email address that has been affected by a data breach, and also lets you know if a password was exposed so it can be changed. That way, you can let any affected employees know about passwords they’ll need to change ASAP to make sure important information remains safe.

The report will also let you know if any team members aren’t using 1Password so you can re-invite them to make sure they’re using strong, unique passwords for all their online accounts.

Support: Create a domain breach report for your company.

Get ahead of the game

Though 1Password is an invaluable tool in responding to data breaches, it’s even better to use 1Password to get ahead of the game. Whether or not you’re affected by these events, we recommend using Watchtower to make sure all your passwords are unique, and that two-factor authentication is used wherever possible.

And, if you’re a business, creating a domain breach report is a great way to identify security risks and encourage more team members to use 1Password. We’re proud to help millions of users keep safe in their apps and online accounts, and events like COMB remind us why we do what we do.

Get 25% off 1Password Families

Keep all your accounts secure with 1Password Families. Sign up now and get 25% off your first year.
Get 25% off

Content Marketing Manager

Andrew Zangre - Content Marketing Manager Andrew Zangre - Content Marketing Manager

Tweet about this post