15 Sep Millions of Emails, Passwords, Found on Free Hosting Site
Troy Hunt, creator of the Have I Been Pwned data breach index site, was recently alerted by the owner of a sharing service that someone had uploaded a massive database of email addresses, passwords in clear text, and partial credit card data, using free, public hosting.
Hunt says that the list is most likely intended for credential stuffing attacks which will automatically be run against various online services by hackers hoping to get a match.
Hunt says that around 91% of the passwords in the database already exists in Have I Been Pwned. The filenames in the collection also do not point to a particular source as there is no single pattern for the breaches they have appeared in.
Source: Bleeping Computer