Adding MFA is the most effective way to prevent unauthorized access even if the password is leaked.
Once inside a mailbox, attackers can use the "Forgot Password" feature on other services to intercept reset codes and take over secondary accounts. 100K HQ MAIL ACCESS BASE BY Old_Deep 02-03-2023...
Attackers may use these credentials to send fraudulent invoices or phishing links to a victim's professional contacts. Protective Measures Adding MFA is the most effective way to
Use tools like Have I Been Pwned or the Avast Hack Check to see if your email has appeared in this or other documented leaks. Protective Measures Use tools like Have I Been
If you or your organization believe your data was included in this specific "Old_Deep" leak, immediate action is required:
The subject line refers to a specific data leak posted on a cybercrime forum by a threat actor known as Old_Deep . This specific leak was distributed on February 3, 2023, and contains approximately 100,000 sets of compromised email credentials, designed for "mail access"—meaning the credentials allow direct login to the mailboxes themselves. Incident Overview Source: A cybercrime forum or "dark web" marketplace. Leak Name: 100K HQ MAIL ACCESS BASE. Threat Actor: Old_Deep. Release Date: February 3, 2023.