unverified2016-10-13

Exploit.InExploit.In breach

593,427,119 records compromised

Records
593M
Breach date
2016-10-13
Data classes
2

Description

In late 2016, a huge list of email address and password pairs appeared in a "combo list" referred to as "Exploit.In". The list contained 593 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for "credential stuffing", that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read Password reuse, credential stuffing and another billion records in Have I Been Pwned .

Compromised data classes· 2

Email addressesPasswords

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Breach
Anti Public Combo List
Breach
Collection #1
Breach
Pemiblanc
Breach
Synthient Credential Stuffing Threat Data
Breach
Polish Credentials
Breach
LinkedIn
Sourced from Have I Been Pwned. Aggregate metadata only — no PII. Curated by Adam Lundqvist, Founder at SQUR.