Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Massive Credential Breach Unveiled

January 19, 2024
Reading Time: 3 mins read
in Incidents

Security researcher Troy Hunt has uncovered a massive breach involving nearly 71 million unique credentials, affecting websites such as Facebook, Roblox, eBay, and Yahoo. The data has been circulating on the internet for at least four months and was posted on a well-known underground market that trades compromised credentials. Unlike typical password dumps, this breach stands out because approximately 25 million of the passwords had never been leaked before, signifying a substantial volume of new data. The compromised credentials appear to be a result of “stealer logs,” indicating that malware collected them from compromised machines.

Hunt emphasized the significance of the breach, highlighting that a third of the email addresses had never been seen before, making it statistically significant. The passwords were exposed in plaintext, which is uncommon, as breached passwords are usually cryptographically hashed. The dataset was authenticated by contacting individuals associated with the listed emails, confirming the accuracy of the credentials. While the underground market post claimed the data came from a breach called naz.api, Hunt noted that a considerable portion of the credentials originated from credential stuffing rather than malware.

The impact of this breach is extensive, revealing widespread password weaknesses, with many reused passwords appearing across different services. Hunt’s analysis of the dataset, involving 100 million unique passwords, indicated their recurrence 1.3 billion times. The breach underscores the prevalence of weak and reused passwords, with some credentials reportedly valid as of 2020 or 2021. The exposure poses significant security risks, emphasizing the need for users to adopt stronger and unique passwords to mitigate the potential impact of such credential compromises.

Reference:
  • Inside the Massive Naz.API Credential Stuffing List
Tags: Cyber Incidents 2024cyber-incidentcybercrimesData BreacheBayFacebookJanuary 2024PasswordsRobloxTroy HuntYahoo
ADVERTISEMENT

Related Posts

UBS and Pictet Hit By Vendor Data Breach

Hacker Mints $27M From Meta Pool Gets 132K

June 19, 2025
UBS and Pictet Hit By Vendor Data Breach

UBS and Pictet Hit By Vendor Data Breach

June 19, 2025
UBS and Pictet Hit By Vendor Data Breach

Cyberattack Disrupts Paris Air Show Website

June 19, 2025
Scania Insurance Data Stolen In Partner Hack

Scania Insurance Data Stolen In Partner Hack

June 18, 2025
Scania Insurance Data Stolen In Partner Hack

Pro Israel Group Claims $81M Nobitex Hack

June 18, 2025
Scania Insurance Data Stolen In Partner Hack

Hacker Sells Data Of 1M Cock.li Users

June 18, 2025

Latest Alerts

Fake Minecraft Mods On GitHub Spread Malware

Fake Invoices Deliver Sorillus RAT In Europe

Russian Vishing Scam Bypasses Google 2FA

New Linux Flaws Allow Easy Root Access

Google Fixes GerriScary Supply Chain Flaw

Langflow Flaw Delivers Flodrix DDoS Botnet

Subscribe to our newsletter

    Latest Incidents

    Hacker Mints $27M From Meta Pool Gets 132K

    UBS and Pictet Hit By Vendor Data Breach

    Cyberattack Disrupts Paris Air Show Website

    Scania Insurance Data Stolen In Partner Hack

    Pro Israel Group Claims $81M Nobitex Hack

    Hacker Sells Data Of 1M Cock.li Users

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial