BleepingComputerJun 3, 2024
A massive trove of 361 million email addresses from stolen credentials leaked on Telegram were added to Have I Been Pwned.
https://www.bleepingcomputer.com/news/security/361-million-stolen-accounts-leaked-on-telegram-added-to-hibp/
361 million stolen accounts leaked on Telegram added to HIBP

A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised.

BleepingComputer
Show threadBleepingComputerJun 3, 2024

Cybersecurity researchers, who wished to remain anonymous, collected the credentials from various Telegram channels.

The resulting 122 GB dataset was shared with Troy Hunt, who says it contains 361 million unique email addresses.
https://x.com/haveibeenpwned/status/1797715081817710988

Have I Been Pwned (@haveibeenpwned) on X

New breach: Last week, 361M unique email addresses were collated from malicious Telegram channels. Data also included passwords and often, the website they were entered into, captured by info stealer malware. 58% were already in @haveibeenpwned. More: https://t.co/5DSTy4xfLN

X (formerly Twitter)
Show threadBleepingComputerJun 3, 2024

Last week, the same researchers shared a sample of this data with us that contained BleepingComputer forum accounts.

All of these credentials were stolen via information-stealing malware based on the format (url:name:password) of the data.

Show threadApicultor 🐝Jun 3, 2024
@BleepingComputer Blurring can often be undone. Best to obliterate it with solid colour.
Show threadNosirrahSec 🏴‍☠️ guillotine enthusiastJun 3, 2024
@apicultor @BleepingComputer Normally I hate a reply-guy thing like this, but you have a very valid point given the nature of the data blurred here.
Show threadBleepingComputer

@NosirrahSec @apicultor

Fixed..thanks!

Jun 3, 2024 at 9:53pmWeb