[BreachExchange] More than three billion emails and passwords were just leaked online

[Destry Winant]

https://www.techradar.com/sg/news/more-than-three-billion-emails-and-passwords-were-just-leaked-online

Normally when a data breach occurs, the cybercriminals responsible may
leak the usernames and passwords stolen from one organization or
company. However, a new compilation recently posted on an online
hacking forum contains more than 3.2bn unique pairs of cleartext
emails and passwords gathered from past leaks.

As reported by CyberNews, this new data leak is being referred to as
the “Compilation of Many Breaches” (COMB) as it contains more than
double the amount of unique email and password pairs than the Breach
Compilation from 2017 in which 1.4bn credentials were made available
online.

Additionally, just like with 2017's Breach Compilation, COMB's leaked
database contains a script named count_total.sh. However, this latest
leak also includes the scripts query.sh for querying emails and
sorter.sh for sorting the data it contains.

After running the count_total.sh script, CyberNews found that COMB
contains more than 3.27bn email and password pairs. For this reason,
the news outlet is currently adding the credentials from the leak to
its Personal Data Leak Checker so that users can find out whether
their emails or passwords were exposed online.

COMB

Instead of being a new data breach, COMB appears to be the largest
compilation of multiple breaches ever posted online. This new data
leak shares many similarities to 2017's Breach Compilation including
the fact that its data is organized in a tree-like structure and that
the same scripts are used for querying emails and passwords.

At this time, it is still unclear as to which previously leaked
databases have been included in COMB. However, samples seen by
CyberNews show that the emails and passwords contained in the leak
originate from domains all over the world.

As a large number of users reuse their passwords and usernames across
multiple online accounts, the impact to consumers and businesses as a
result of COMB may be unprecedented as this data can be used to launch
credential stuffing and other cyberattacks. Another problem is the
fact that cybercriminals can use the credentials from a user's social
media accounts to pivot to other more important accounts such as their
email or even their cloud storage.

To prevent falling victim to any future accounts carried out using the
data contained in COMB, CyberNews recommends that users set up
multi-factor authentication and use a password manager to further
protect their online accounts.

We'll likely hear more from the news outlet once all of the data in
COMB has been analyzed to determine which leaks the 3.2bn+ emails and
passwords originally came from.