Massive Password Data Breach Impacts Millions
Over a third of the leaked email addresses are new, indicating a significant volume of fresh data.
- An enormous trove of passwords, dubbed 'Naz.API', has been released online, containing over 71 million email addresses and 100 million passwords.
- More than 400,000 subscribers of the breach notification site 'Have I Been Pwned' have been impacted.
- Over a third of the email addresses in the breach have never been seen before, indicating a significant volume of new data.
- Much of the data is from 'stealer logs', malware installed on devices that captures login information.
- Users are advised to replace their recycled credentials with a password manager and to check if their data appears in the Naz.API dataset or in any previous breach on 'Have I Been Pwned'.