Massive Password Data Breach Impacts Millions

Over a third of the leaked email addresses are new, indicating a significant volume of fresh data.

An enormous trove of passwords, dubbed 'Naz.API', has been released online, containing over 71 million email addresses and 100 million passwords.
More than 400,000 subscribers of the breach notification site 'Have I Been Pwned' have been impacted.
Over a third of the email addresses in the breach have never been seen before, indicating a significant volume of new data.
Much of the data is from 'stealer logs', malware installed on devices that captures login information.
Users are advised to replace their recycled credentials with a password manager and to check if their data appears in the Naz.API dataset or in any previous breach on 'Have I Been Pwned'.