"A massive collection of 1.3 billion passwords alongside nearly two billion email addresses has been exposed online. Have I Been Pwned (HIBP), an online service that notifies people if they were exposed in a data breach, processed the data compiled from multiple sources where cybercriminals had published stolen credentials. HIBP CEO Troy Hunt, who admitted his password made the list, said: 'This corpus is nearly three times the size of the previous largest breach we [have ever] loaded.'"
"The dataset includes 1,957,476,021 unique email addresses and 1.3 billion unique passwords, 625 million of which had never been seen before by HIBP. With more than 5.5 billion people worldwide using the internet, researchers warned that a staggering number of individuals likely had at least some of their accounts compromised. These records combined past breaches with credential-stuffing lists, a type of data used by attackers to try stolen passwords across multiple accounts. HIBP verified the dataset by checking actual users' credentials."
A dataset containing 1.3 billion unique passwords and 1,957,476,021 unique email addresses has been exposed online. The compilation combined past breaches and credential-stuffing lists assembled from multiple sources where stolen credentials were published. Verification showed many passwords were old or unused, while others still protected active accounts, evidencing real-world risk. The corpus included 625 million passwords previously unseen by Have I Been Pwned and was confirmed by checking actual user credentials. Immediate protective measures include using a secure password manager, creating unique strong passwords, enabling two-factor authentication—especially on email and administrative accounts—and organizations running credential checks.
Read at Mail Online
Unable to calculate read time
Collection
[
|
...
]