A 41GB file dump was found in an underground community forum filled with usernames and passwords in plain text. The total amount of credentials in the leak is 1,400,553,869 and when tested by a security firm named 4iQ, most of the passwords were verified to be true.
This breach is nearly two times larger than the last data breach and includes 252 previous breaches. It doesn’t stop there, this breach is not simply a list, it is an interactive database that is extremely fast. Searching “admin,” “administrator” and “root” returned 226,631 passwords of admin users in a few seconds to 4iQ in roughly one second.
The data shows the reuse of emails and passwords and how passwords change over time. The most common passwords found in the breach were 123456″, “123456789”, “qwerty,” “password” and “111111.”
4iQ is still processing the data but has found that the breach added 385 million new credential pairs, 318 million unique users, and 147 million passwords to previously aggregated dumps. Basically, this database was a compendium of some of the biggest leaks, including brand new leaks and old leaks.
Credentials leaked in this breach have been listed to include Bitcoin Lixter, Pastebin, LinkedIn, MySpace, Xsplit, Netflix, Twitter, YouPorn, Last.FM, Zoosk, Badoo, RedBox, games like Minecraft and Runescape, and credential lists like Anti Public, Exploit.in.
Please change your passwords.