Looks like it’s time to change passwords again. Security researchers have discovered a massive database of login credentials — over 560 million emails and passwords — put together by an unknown person. All of the information is insecure.
The database was discovered by the Kromtech Security Research Center, who ran the information with Troy Hunt. Most of the information is already on Hunt’s Have I Been Pwned site, which allows users to see if their accounts have been compromised in previous data breaches.
That means most of the information contained on this database was compromised during other incidents at sites such as LinkedIn, LastFM, Tumblr, and Dropbox. So if you didn’t change your password during the original breach on any of those sites, now (when the information is floating around) is definitely the time to do it.
No one knows who actually put the database together, but the researchers are calling them “Eddie” after a user profile name in the data.
Read next: Samsung targeted by ZeniMax after Oculus win