Money Credit and You© Latest News and Information

Exploit.In (unverified) – 593,427,119 breached accounts

May 6, 2017

In late 2016, a huge list of email address and password pairs appeared in a &quot;combo list&quot; referred to as &quot;Exploit.In&quot;. The list contained 593 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for &quot;credential stuffing&quot;, that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read <a href="https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned" target="_blank" rel="noopener">Password reuse, credential stuffing and another billion records in Have I been pwned</a>.