Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Massive Credential Breach Unveiled

January 19, 2024
Reading Time: 3 mins read
in Incidents

Security researcher Troy Hunt has uncovered a massive breach involving nearly 71 million unique credentials, affecting websites such as Facebook, Roblox, eBay, and Yahoo. The data has been circulating on the internet for at least four months and was posted on a well-known underground market that trades compromised credentials. Unlike typical password dumps, this breach stands out because approximately 25 million of the passwords had never been leaked before, signifying a substantial volume of new data. The compromised credentials appear to be a result of “stealer logs,” indicating that malware collected them from compromised machines.

Hunt emphasized the significance of the breach, highlighting that a third of the email addresses had never been seen before, making it statistically significant. The passwords were exposed in plaintext, which is uncommon, as breached passwords are usually cryptographically hashed. The dataset was authenticated by contacting individuals associated with the listed emails, confirming the accuracy of the credentials. While the underground market post claimed the data came from a breach called naz.api, Hunt noted that a considerable portion of the credentials originated from credential stuffing rather than malware.

The impact of this breach is extensive, revealing widespread password weaknesses, with many reused passwords appearing across different services. Hunt’s analysis of the dataset, involving 100 million unique passwords, indicated their recurrence 1.3 billion times. The breach underscores the prevalence of weak and reused passwords, with some credentials reportedly valid as of 2020 or 2021. The exposure poses significant security risks, emphasizing the need for users to adopt stronger and unique passwords to mitigate the potential impact of such credential compromises.

Reference:
  • Inside the Massive Naz.API Credential Stuffing List
Tags: Cyber Incidents 2024cyber-incidentcybercrimesData BreacheBayFacebookJanuary 2024PasswordsRobloxTroy HuntYahoo
ADVERTISEMENT

Related Posts

China Briefly Cuts Off Global Internet

China Briefly Cuts Off Global Internet

August 21, 2025
China Briefly Cuts Off Global Internet

Comet AI Browser Duped by Fake Shops

August 21, 2025
China Briefly Cuts Off Global Internet

Orange Belgium Data Breach Hits 850K

August 21, 2025
Intel Employee Data Exposure Flaw

NY Business Council Data Breach Hits 47K

August 20, 2025
Intel Employee Data Exposure Flaw

Ransomware Gang Hacks Inotiv Firm

August 20, 2025
Intel Employee Data Exposure Flaw

Intel Employee Data Exposure Flaw

August 20, 2025

Latest Alerts

QuirkyLoader Spreads RATs, Keyloggers

GenAI Used by Hackers for Phishing

Malicious Chrome VPN Steals Data

RingReaper Malware Hits Linux Servers

Mozilla Security Advisory AV25-529

Microsoft Issues Windows Fix Update

Subscribe to our newsletter

    Latest Incidents

    Comet AI Browser Duped by Fake Shops

    China Briefly Cuts Off Global Internet

    Orange Belgium Data Breach Hits 850K

    NY Business Council Data Breach Hits 47K

    Ransomware Gang Hacks Inotiv Firm

    Intel Employee Data Exposure Flaw

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial