This is the result of an automated process that gathers generic RedLine Stealer logs shared over different forums, Telegram groups, and other sources.

This is the result of an automated process that gathers generic combo lists shared over different forums, Telegram groups, and other sources.

On January 17th of 2019, an user named Aldesa, posted a magnet link in the famous xss.is forum to a file called "12 billion special for xss.is", claiming there were no duplicates, and crediting another user named Xrenovi4 for helping process the files. The admin of xss.is also thanked for the contribution. The file, named "rez_out.txt", contains 3,039,418,396 lines.

The Collection #4 data breach is part of a larger series of data dumps, including Collections #1 through #5, which compiled email addresses and passwords from thousands of sources, from previously known data breaches and some new alleged breaches. Collection #1 alone contained about 2.7 billion records, including 1.2 billion unique email and password combinations, 773 million unique email addresses, and 21 million unique plaintext passwords. Additional collections, named Collections #2 through #5, along with "AP MYR&ZABUGOR #2" and "ANTIPUBLIC #1," were also discovered, significantly adding to the scope of compromised data​.

In August 2022, news broke of an attack against the Russian streaming service "START". The incident led to the exposure of 44M records containing 7.4M unique email addresses. The impacted data also included the subscriber's country and password hash. START subsequently acknowledged the incident in a Telegram post and stated that the data dated back to 2021.