An unnamed Russian threat actor has released a file containing 3 billion unique combinations of emails and passwords on a well known Russian forum. The records appear to have been sourced from an illicit distributor of credentials, claiming to have 13 billion records.
Figures 1 & 2 above are screenshots of breached credential websites operated by Russian threat actors.
This release continues the trend of more frequent publications of large breach compilations. These data sets enable a broader range of threat actors to launch password stuffing attacks. In reporting this release, we hope to raise awareness to this issue.
The GroupSense team is analyzing the dataset and will be alerting clients to any new exposure. If you are concerned you may be affected by this release, please contact us.