For roughly four months, a gigantic email and password dump was circulating on the dark web, and no one in the cybersecurity community noticed, until now.
Have I Been Pwned? (HIBP) has added a new database containing roughly 71 million email addresses to its platform. The service allows users to see if their email addresses were picked up by threat actors at any time in the past and, if so, which service was breached to obtain the information.
While announcing the new addition, HIBP owner Troy Hunt says he dismissed the database earlier because it seemed to be nothing more than old information - repackaged. Upon closer inspection, however, he determined that a third of the email addresses were brand new, making the data dump “statistically significant”.
Significant data volume
This isn't just the usual collection of repurposed lists wrapped up with a brand-new bow on it and passed off as the next big thing; it's a significant volume of new data,” Hunt wrote. “When you look at the above forum post the data accompanied, the reason why becomes clear: it's from ‘stealer logs’ or in other words, malware that has grabbed credentials from compromised machines.”
When a user types in their email in the Have I Been Pwned? service, if their email pops up under the “Naz.API” submission, that means that they were, most likely, infected by malware at some point in the past (or are infected still). That also means that the malware stole passwords for various services. Unfortunately, it’s difficult to determine which service (unless the user recognizes the unique username/password combination). Some of the services mentioned include Facebook, Yahoo, Roblox, eBay, and others.
The database counts 319 files, totaling 104GB. Exactly 70,840,771 unique email addresses were exposed, and 427,308 individual Have I Been Pwned? subscribers impacted.
More from TechRadar Pro
- Billions of passwords and email addresses have been leaked online - so change your logins now
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.