Store of 770m email addresses and passwords discovered after being posted to a hacking forum
The largest collection of breached data ever seen has been discovered, comprising of more than 770m email addresses and passwords posted to a popular hacking forum in mid-December.
The 87GB data dump was discovered by security researcher Troy Hunt, who runs the Have I Been Pwned breach-notification service. Hunt, who called the upload “Collection #1”, said it is probably “made up of many different individual data breaches from literally thousands of different sources”, rather than representing a single hack of a very large service.
Still, the work to piece together previous breaches has resulted in a huge collection. “In total, there are 1,160,253,228 unique combinations of email addresses and passwords,” Hunt writes, and “21,222,975 unique passwords”. While most of the email addresses have appeared in previous breaches discovered being shared amongst hackers, like the 360m MySpace accounts hacked in 2008 or the 164m LinkedIn accounts hacked in 2016, the researcher says “there’s somewhere in the order of 140m email addresses in this breach that HIBP has never seen before.”
Read Full Source: The Guardian