Researchers Find 87GB Trove of Breached Log-Ins
January 17, 2019 / Phil Muncaster
A leading security researcher has warned of a major trove of breached data being shared on hacking sites, containing over 772 million unique email addresses and more than 21 million unique passwords. Troy Hunt, owner of the Have I Been Pwned (HIBP) breached credentials site, explained that he was alerted to the collection of 12,000 files hosted on the MEGA cloud service last week. Although the 87GB dump was subsequently removed, he was also notified of it being shared on a hacking forum under the moniker “Collection #1.” The total collection amounted to nearly 2.7 billion rows comprised of credentials stolen from thousands of sources in multiple breaches, said Hunt. After cleaning up the data, he reduced this figure to 772.9 million emails — the largest ever to be loaded into HIBP — and 21.2 million dehashed passwords.