Hackers who breach online services tend to sell the stolen credentials on the dark web. There have been quite a few significant leaks in recent years in which credentials of hundreds of millions of users were leaked. It appears that some hackers have put most of those leaked credentials together in one handy bundle that contains 2.2 billion unique usernames and passwords. This database is now being distributed online for free.
According to reports, this collection of 2.2 billion unique usernames and passwords is being freely distributed through hacker forums and torrents. This means that anyone can get their hands on it, even though who don’t particularly know what to do with this data.
This follows an earlier megaleak of 773 million unique usernames and passwords that were also freely distributed online. Additional databases of the same sort have now appeared online, with a grand total of 845GB of stolen data.
Most of the stolen credentials appear to come from major attacks on companies like Yahoo, Dropbox, and LinkedIn. This presents a major problem for those who have a habit of using the same password for all of their accounts and don’t know if their information has leaked. They could be vulnerable to attacks in which hackers try automated combinations of usernames and passwords in hopes of making it stick. It often does in most cases.