Are you still reusing passwords between your different accounts in 2024? You should rethink that, because this giant password leak could well include your details.<\/p>\n\n\n\n
Troy Hunt, creator of the helpful Have I Been Pwned<\/a> website for finding out if your details are in password leaks, says this new leak<\/a> is one of the largest he’s ever seen.<\/p>\n\n\n\n Dubbed “Naz.API,” this credential stuffing list (used by hackers to try email and password combinations rapidly on their target) has a staggering 70 million email addresses and over 100 million passwords inside.<\/p>\n\n\n\n And unlike many lists on Have I Been Pwned, “a third of the email address have never been seen before.”<\/p>\n\n\n\n If you haven’t already, it’s time to start using a password manager<\/a>. Preferably one that supports two-factor authentication<\/a>, and enable that on services that support it while you’re changing passwords.<\/p>\n\n\n\n Then read on for the rest.<\/p>\n\n\n\n New breach: The Naz.API stealer logs and cred stuffing lists were posted to a hacking forum in Sep. Data included 71M email addresses and 100M plain text passwords, often alongside the service they were used for. 67% were already in @haveibeenpwned<\/a>. More: https:\/\/t.co\/Uef4G7gOei<\/a><\/p>— Have I Been Pwned (@haveibeenpwned) January 17, 2024<\/a><\/blockquote> New password leak probably has your details inside<\/h2>\n\n\n\n