Hackers Are Passing Around a Megaleak of 2.2 Billion Records

An anonymous reader shares a report: When hackers breached companies like Dropbox and LinkedIn in recent years -- stealing 71 and 117 million passwords, respectively -- they at least had the decency to exploit those stolen credentials in secret, or sell them for thousands of dollars on the dark web. Now, it seems, someone has cobbled together those breached databases and many more into a gargantuan, unprecedented collection of 2.2 billion unique usernames and associated passwords, and is freely distributing them on hacker forums and torrents, throwing out the private data of a significant fraction of humanity like last year's phone book.

Earlier this month, security researcher Troy Hunt identified the first tranche of that mega-dump, named Collection #1 by its anonymous creator, a set of cobbled-together breached databases Hunt said represented 773 million unique usernames and passwords. Now other researchers have obtained and analyzed an additional vast database called Collections #2-5, which amounts to 845 gigabytes of stolen data and 25 billion records in all. After accounting for duplicates, analysts at the Hasso Plattner Institute in Potsdam, Germany, found that the total haul represents close to three times the Collection #1 batch.

Re:DB lookup?

[bandwannabe]

Assuming you're not having a laugh. Troy Hunt does this.

https://haveibeenpwned.com/

I hate hackers!

I wonder if these are the same hackers who installed a malware on my favorite 18+ videos site that made my browser start a remote control desktop and keylogger and allowed them to take control of my cam. (I didn't even know I had a cam!!) And they got my contacts and made a video of what I was watching and what I was doing when I was watching the 18+ videos, and they're going to send it to all my contacts unless I pay a bitcoin.