Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service.

The Naz.API dataset is a massive collection of 1 billion credentials compiled using credential stuffing lists and data stolen by information-stealing malware.

Credential stuffing lists are collections of login name and password pairs stolen from previous data breaches that are used to breach accounts on other sites.

Information-stealing malware attempts to steal a wide variety of data from an infected computer, including credentials saved in browsers, VPN clients, and FTP clients. This type of malware also attempts to steal SSH keys, credit cards, cookies, browsing history, and cryptocurrency wallets.

  • Chaos
    36 months ago

    I’ve checked the list on mine, those are some really really old passwords… Must’ve been a long time ago.

    • @bfg9k
      36 months ago

      How were you able to search the list? I can’t find it anywhere

      • Bizarroland
        46 months ago

        Just tell me your username and password and I’ll tell you if you’ve been hacked

        • @bfg9k
          26 months ago

          Cheers mate.

          Looks like my decision to start using keepass was a good idea, these are all very old passwords