A substantial collection of 361 million email addresses, obtained from password-stealing malware, credential stuffing attacks, and data breaches, has been incorporated into the Have I Been Pwned data breach notification platform, enabling individuals to check the security of their accounts. Cybersecurity analysts sourced these credentials from various Telegram cybercrime channels, where data is frequently shared to gain notoriety and followers.
The compromised data typically includes combinations of usernames and passwords, often acquired through credential stuffing or data breaches, alongside URLs linking to associated accounts, or raw cookies obtained via password-stealing malware. A 122-gigabyte portion of the collected credentials was provided to Troy Hunt, the operator of Have I Been Pwned. It contained 361 million unique email addresses, 151 million of which had never previously been recorded in the service’s database.
Upon receiving the dataset, Hunt verified many of the email addresses by using the password reset mechanisms on the respective websites, confirming their association with the listed URLs. However, he refrained from confirming the passwords themselves to avoid engaging in illegal activities. Information-stealing malware, which typically harvests these credentials, compromises sensitive information such as passwords, browser data, and cryptocurrency wallets. This presents a significant risk to affected individuals and necessitates extensive password resets across various accounts.