Hi Guys,

I hope you are well.

Avvo – 4,101,101 breached accounts

In approximately December 2019, an alleged data breach of the lawyer directory service Avvo was published to an online hacking forum (it’s possible the exposure dates back earlier than that). The data contained 4.1M unique email addresses alongside SHA-1 hashes, most likely representing user passwords. Multiple attempts at contacting Avvo over the course of a week were unsuccessful and the authenticity of the data was eventually verified.

If you have an account with Avvo please do the following:

  • Change your password and make sure your new password is at least ten characters long and contains an upper case, lower case, number, and a symbol. You can even use a modified phrase or a line from a song if that helps you remember.
  • Make sure you do not use the same password twice as this leaves you vulnerable to credential stuffing.
  • Find a good password manager tool to help you remember all of your passwords. Some of our users say that 1Password is a good tool.
  • Check out Incognito’s Email Hack Check tool. All you have to do is enter your email address and we will tell you instantly if it has been involved in one of the many data breaches that happen every day.

Please let me know if you need any help in relation to this.

All the best,

Max Roberts,

Incognito Privacy Care Team