Have I Been Pwned Adds 244 Million Stolen Passwords

Have I Been Pwned (HIBP), a popular breach notification site, has added 244 million new passwords and 284 million new email accounts to its database. These credentials were harvested from users via infostealer malware and shared on a Telegram channel known as Alien Textbase. The data includes 1.5TB of stealer logs, containing 23 billion rows with 493 million unique website and email address pairs. 

Infostealer Malware Threat: Infostealers are a growing threat to both corporate and consumer security. They are spread through phishing messages, drive-by downloads, malicious ads, and pirated software. Once installed, they record sensitive information such as credentials, crypto assets, and credit card info, which is then sold on cybercrime marketplaces. 

New APIs for Enhanced Security: HIBP has introduced two new APIs that allow domain owners and website operators to identify customers with compromised email addresses and passwords. These APIs are designed for larger organizations and can return vast volumes of data. 

Stay informed and vigilant to protect your personal and corporate data from cyber threats. 

Reference: Infosecurity Magazine