Have I Been Pwned Discovers 70 Million Stolen Credentials in Single Dataset – Computers – News

Nearly 71 million user details were posted online at one time by a hacker forum user. The data is part of the so-called Naz.API dataset and comes from Facebook, eBay and Yahoo, among others.

About a third of the email addresses that ended up on the street as part of this dataset were not previously in the Have I Been Pwned database, says Troy Hunt, the founder of the data breach search engine. According to him, this is a “significant amount of new data.” The captured data is said to largely come from log stealers or malware that steal login details from compromised computers.

However, Hunt also discovered that his data is part of the dataset and concluded that it is not just theft logs, but also data stolen from compromised websites. However, in the latter case it appears to be relatively old data; Hunt said he had not used the published password for more than a decade.

While the founder can’t say for sure that the email addresses and passwords in the dataset are legitimate, he says he has “high confidence” that the data is real based on checks he performed. It’s not entirely clear which sites the login data came from, but based on a screenshot shared by Hunt, it’s definitely Facebook, eBay, Yahoo, and Roblox. According to Hunt, the email addresses and passwords have now been added to Have I Been Pwned.

Some credentials present in the Naz.API dataset
2024-01-18 12:04:20
#Pwned #Discovers #Million #Stolen #Credentials #Single #Dataset #Computers #News