Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Massive Credential Breach Unveiled

January 19, 2024
Reading Time: 3 mins read
in Incidents

Security researcher Troy Hunt has uncovered a massive breach involving nearly 71 million unique credentials, affecting websites such as Facebook, Roblox, eBay, and Yahoo. The data has been circulating on the internet for at least four months and was posted on a well-known underground market that trades compromised credentials. Unlike typical password dumps, this breach stands out because approximately 25 million of the passwords had never been leaked before, signifying a substantial volume of new data. The compromised credentials appear to be a result of “stealer logs,” indicating that malware collected them from compromised machines.

Hunt emphasized the significance of the breach, highlighting that a third of the email addresses had never been seen before, making it statistically significant. The passwords were exposed in plaintext, which is uncommon, as breached passwords are usually cryptographically hashed. The dataset was authenticated by contacting individuals associated with the listed emails, confirming the accuracy of the credentials. While the underground market post claimed the data came from a breach called naz.api, Hunt noted that a considerable portion of the credentials originated from credential stuffing rather than malware.

The impact of this breach is extensive, revealing widespread password weaknesses, with many reused passwords appearing across different services. Hunt’s analysis of the dataset, involving 100 million unique passwords, indicated their recurrence 1.3 billion times. The breach underscores the prevalence of weak and reused passwords, with some credentials reportedly valid as of 2020 or 2021. The exposure poses significant security risks, emphasizing the need for users to adopt stronger and unique passwords to mitigate the potential impact of such credential compromises.

Reference:
  • Inside the Massive Naz.API Credential Stuffing List
Tags: Cyber Incidents 2024cyber-incidentcybercrimesData BreacheBayFacebookJanuary 2024PasswordsRobloxTroy HuntYahoo
ADVERTISEMENT

Related Posts

Hackers Target Oracle Apps For Extortion

Hackers Target Oracle Apps For Extortion

October 3, 2025
Hackers Target Oracle Apps For Extortion

Hospital Cyberattack Leaks Patient Data

October 3, 2025
Hackers Target Oracle Apps For Extortion

UK Renault Dacia Customer Data Stolen

October 3, 2025
Smishing targets routers in Belgium 2025

Dealership Software Breach Hits 766k

October 2, 2025
Smishing targets routers in Belgium 2025

Allianz Life July Breach Hits 1.5M

October 2, 2025
Smishing targets routers in Belgium 2025

Suffolk Website Down After Cyber-Attack

October 2, 2025

Latest Alerts

Facebook Scams Target Seniors With Malware

Android Spyware Poses As Signal And Totok

Chrome Update Fixes 21 Security Flaws

Outlook Bug Causes Repeated Crashes

Smishing targets routers in Belgium 2025

MatrixPDF Toolkit Turns PDFs Into Lures

Subscribe to our newsletter

    Latest Incidents

    Hackers Target Oracle Apps For Extortion

    Hospital Cyberattack Leaks Patient Data

    UK Renault Dacia Customer Data Stolen

    Allianz Life July Breach Hits 1.5M

    Dealership Software Breach Hits 766k

    Suffolk Website Down After Cyber-Attack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial