Adding MFA is the most effective way to prevent unauthorized access even if the password is leaked.
This type of database is highly valuable to cybercriminals because "mail access" provides more than just a login; it grants entry to the core of a user's digital identity. 100K HQ MAIL ACCESS BASE BY Old_Deep 02-03-2023...
Check for "Sent" items you didn't write or "Read" statuses on emails you haven't opened. Adding MFA is the most effective way to
Change the password for the affected email account and any other accounts using the same or similar passwords. Change the password for the affected email account
The subject line refers to a specific data leak posted on a cybercrime forum by a threat actor known as Old_Deep . This specific leak was distributed on February 3, 2023, and contains approximately 100,000 sets of compromised email credentials, designed for "mail access"—meaning the credentials allow direct login to the mailboxes themselves. Incident Overview Source: A cybercrime forum or "dark web" marketplace. Leak Name: 100K HQ MAIL ACCESS BASE. Threat Actor: Old_Deep. Release Date: February 3, 2023.
If you or your organization believe your data was included in this specific "Old_Deep" leak, immediate action is required:
In mail providers like Microsoft 365 , administrators can use MailItemsAccessed logs to see exactly which messages a threat actor viewed. Use MailItemsAccessed to investigate compromised accounts