logo

124M Passwords Exposed as Infostealer Malware Hits Millions of Devices

ID: 5c7278a1-499e-5fdc-9ce1-b4d417b93816

STIX ID: report--5c7278a1-499e-5fdc-9ce1-b4d417b93816

Feed Name: TechRepublic Security

Threat Score
72/100

Date Published: 2026-06-18

Date Updated: 2026-06-19

Author: Joseph Ofonagoro

...
...

Have I Been Pwned added a massive infostealer dataset containing roughly 124 million unique passwords and 56 million unique email addresses harvested from malware-infected devices. The report highlights a shift toward endpoint-based credential theft (infostealers) that bypasses corporate breaches, increasing risk of account takeover; it directs users to check passwords and email addresses on Have I Been Pwned and to replace any matched passwords.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.