CompilationOfManyBreaches 2021

On Tuesday, February 2, it was leaked on a popular hacking forum. It contains billions of user credentials from past leaks from Netflix, LinkedIn, Exploit.in, Bitcoin and more. This leak is comparable to the Breach Compilation of 2017, in which 1.4 billion credentials were leaked.

• Date: Feb 2, 2021
• Category: Hacking - Forum
• Numer of lines: 3,279,064,312
• Records Imported: 3,278,652,074
• Size: 98.98 GB
• Data: Email adresses, Passwords
• Passwords: Plain
• Imported:
• Links: cybernews.com

CDEK 2022

In early 2022, a collective known as IT Army whose stated goal is to "completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases" published over 30GB of data allegedly sourced from Russian courier service CDEK. The data contained over 19M unique email addresses along with names and phone numbers. The authenticity of the breach could not be independently established and has been flagged as "unverfieid".

• Date: Mar 9, 2022
• Domain: cdek.ru
• Country: Russia
• Category: Courier
• Records Announced: 19,218,203
• Numer of lines: 1,721,192,903
• Size: 275.21 GB
• Data: Email addresses, Names, Phone numbers
• Passwords: No
• Imported:
• Links:
  • breachforums.st
  • haveibeenpwned.com

ANTIPUBLIC #1 2016

In December 2016, a huge list of email address and password pairs appeared in a "combo list" referred to as "Anti Public". The list contained 458 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for "credential stuffing", that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password.

• Date: Dec 16, 2016
• Category: Compilation
• Records Announced: 457,962,538
• Numer of lines: 1,545,422,902
• Records Imported: 1,540,820,165
• Size: 47.27 GB
• Data: Email addresses, Passwords
• Passwords: Plain
• Imported:
• Links:
  • breachforums.st
  • haveibeenpwned.com
  • raidforums.com
  • recordedfuture.com

Collection #5 2019

The Collection #5 data breach is part of a larger series of data dumps, including Collections #1 through #5, which compiled email addresses and passwords from thousands of sources, from previously known data breaches and some new alleged breaches. Collection #1 alone contained about 2.7 billion records, including 1.2 billion unique email and password combinations, 773 million unique email addresses, and 21 million unique plaintext passwords. Additional collections, named Collections #2 through #5, along with "AP MYR&ZABUGOR #2" and "ANTIPUBLIC #1," were also discovered, significantly adding to the scope of compromised data​.

• Date: 2019
• Category: Compilation
• Records Announced: 1,282,398,456
• Records Imported: 643,773,546
• Size: 20.82 GB
• Data: Email addresses, Passwords
• Passwords: Plain
• Imported:
• Links:
  • heise.de
  • raidforums.com
  • recordedfuture.com

Collection #1 2019

In January 2019, a large collection of credential stuffing lists (combinations of email addresses and passwords used to hijack accounts on other services) was discovered being distributed on a popular hacking forum. The data contained almost 2.7 billion records including 773 million unique email addresses alongside passwords those addresses had used on other breached services. Full details on the incident and how to search the breached passwords are provided in the blog post The 773 Million Record "Collection #1" Data Breach.

• Date: Jan 7, 2019
• Category: Compilation
• Records Announced: 772,904,991
• Records Imported: 1,192,012,436
• Size: 36.73 GB
• Data: Email addresses, Passwords
• Passwords: Plain
• Imported:
• Links:
  • breachforums.st
  • haveibeenpwned.com
  • raidforums.com
  • recordedfuture.com