The German firm Heise Security has found 2.2 billion email addresses and associated passwords, which it is labeling Collection 2-5, available for free on the web.
These credentials were found in data caches similar to the Collection 1 data dump that was exposed in mid-January and found to contain 773 million unique emails amid 600GB of total data found. As with Collection 1, this data was not recently exposed, but most likely compiled from earlier breaches, Heise reported. These details revealed is not exactly a surprise as the security firm Authlogics revealed on January 18 the existence of this new trove of data.
“Nevertheless, the compilation and re-release is likely to increase the likelihood that cyber crooks will try out the credentials. First, the gigantic data packets were traded in a relevant online forum, now they are also publicly accessible via the hoster Mega,” Heise reported.
“As shocking as all this news may sound, these types of dumps are far more regular than most people would think. However, many so-called “new” dumps often contain old data seen in previous breaches so even though the numbers sound scary often the volume of actual new data is significantly lower,” said Authlogics CEO Steven Hope.