Security researchers 4iQ say they have discovered an aggregate of stolen data on the dark web comprising of a single file with a database of 1.4 million clear text credentials, which would make it the largest known such database found on the dark web, yet.
This particular find is almost two times larger than the previous largest credential exposure, the Exploit.in combo list that exposed 797 million records. This dump aggregates 252 previous breaches, including known credential lists such as Anti Public and Exploit.in, decrypted passwords of known breaches like LinkedIn as well as smaller breaches like Bitcoin and Pastebin sites, 4iQ revealed.
The 41GB dump was found on 5th December 2017 in an underground community forum, said 4IQ. The database was recently updated with the last set of data inserted on 11/29/2017. The total amount of credentials (usernames/clear text password pairs) is 1,400,553,869, the company said.
According to the security firm, they have tested a subset of the passwords type found on the database, and most have of them work just fine.
This simply means that even the most unsophisticated hacker will have access to this huge compilation of data, making it easier for them to engage in their criminal activities.