04 Jun, 2024

361 Million Stolen Accounts Leaked on Telegram and Added to HIBP

361 million email addresses and stolen passwords were seized from password-stealing malware, credential stuffing attacks and data breaches and added to the data breach notification service called Have I Been Pwned (HIBP). In this way, users can check whether their accounts have been compromised.

Cybersecurity researchers collected the stolen data from cybercrime channels on Telegram, which shared it with users to gain reputation. Leaked data usually looks like this:

  • Username and password (password stuffing attacks or data breaches)
  • Username, password and associated URL (password-stealing malware)
  • Cookies (password-stealing malware)

This 122 GB data contains 151 million email addresses that have never been seen before. It is not possible to fully confirm the accuracy of the leaked information, but researchers have confirmed that much of it matches the relevant websites.

Due to such a large leak, entire sites may be affected. Last week, the same researchers shared data obtained from password-stealing malware on the BleepingComputer forum.

Information-stealing malware can steal data such as passwords, cookies, history, cryptocurrency wallets from your device and sell it to cybercriminals. These software can be transmitted through social media, pirated software, fake VPN applications or malicious emails.

BleepingComputer will reset the passwords of affected users and alert them. Since the leaked information has no time signature, it is recommended that you change all your passwords.

Practice safe internet habits to protect yourself. For example, do not open attachments from unreliable sources, download software only from reliable sources, use antivirus software and keep your software up to date.

Disclaimer

Dear visitor,

This news article is for informational purposes only and has been prepared with the aim of increasing awareness against attacks and taking precautions accordingly. We remind you that it is not legal to use the information in this article for purposes other than its intended purpose, and we recommend that you apply it in your test environments beforehand. Otherwise, we declare that CyberArts has no responsibility for any errors, omissions or malfunctions that may arise in your systems due to this situation, and cannot be held responsible for any direct or indirect damages or losses that may arise therefrom.

Regards,

CyberArts Informatics Incorporated Company

To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.

About Content:
361 million email addresses and stolen passwords were seized through various attacks and data breaches and added to the Have I Been Pwned (HIBP) service; This data, shared on cybercrime channels on Telegram, allows users to control account security. Details are in our content.
Share on Social Media:
Facebook
Twitter
LinkedIn
Telegram