Dowsett is a security architect; she leads response efforts during security incidents.

Data dumps are usually large text files containing user data from a breach that an attacker has dumped online or, at times, sells. The information is available to anyone looking for it. There are even sites such as cdn.databases.today which collect user data and make it available for security researchers to examine.

We will examine a data dump from a Comcast data breach and explain the pieces of data. The formatted snapshot below, of an SQL query entry, gives a quick understanding of how the data is related. The INSERT INTO clause lists the names of the columns of user data needed by the site. The VALUES are the data the application stores for the user. So in the image below, the migration_password for the user kenny999991 is damiano1.

While it can be scary to see other people's information leaked online, know that the trouble will not stop there. If you are a high-value target, and your email and password from one site are known, chances are an attacker will try your credentials on other websites. If you reuse the same password, then chances are other accounts of yours will be taken over.

There is a way to check whether your email has been leaked online: the site haveibeenpwned.com, created by Troy Hunt, who is now a Microsoft Regional Director and also a strong web developer security advocate. If your email has been leaked online, you will be shown which corporate breaches your information was leaked in, as displayed in the image below:

The email [email protected] has been compromised as shown

Some password managers, such as 1Password, automatically check with haveibeenpwned and alert you.

This guide was first published on May 24, 2019. It was last updated on May 24, 2019.

This page (Data Dumps) was last updated on May 23, 2019.
