A Data Dumb Exposes 773 Million Unique Email Addresses, 22 Million Passwords

By CircleID Reporter

Close to 773 million unique email addresses and 22 million unique passwords were found to be hosted on cloud service MEGA. The data breach dubbed "Collection #1" by security researcher Troy Hunt, was reported today as a set of email addresses and passwords totaling 2,692,818,238 rows. He writes: "It's made up of many different individual data breaches from literally thousands of different sources."

The numbers: "In total, there are 1,160,253,228 unique combinations of email addresses and passwords. ... The unique email addresses totaled 772,904,991. ... There are 21,222,975 unique passwords."

Have I Been Pwned: All the 772,904,991 email addresses exposed have been loaded into Have I Been Pwned (HIBP). "This number makes it the single largest breach ever to be loaded into HIBP."

Where did the data come from: "Last week, multiple people reached out and directed me to a large collection of files on the popular cloud service, MEGA (the data has since been removed from the service)," Hunt reports. "The collection totaled over 12,000 separate files and more than 87GB of data. One of my contacts pointed me to a popular hacking forum where the data was being socialised."

Related topics: Cloud Computing, Cybersecurity, Privacy, Web