The cybersecurity service Have I Been Pwned (HIBP) integrated 23 billion stolen credentials from a malware operation named "ALIEN TXTBASE". This event is one of the largest data exposure events in its history.
The breach originated from a Telegram channel distributing "stealer logs." These logs contained 493 million unique website-email pairs and affected 284 million unique email addresses. Additionally, 244 million new passwords were added to HIBP’s Pwned Passwords database.
The stolen credentials encompass major services like Apple, Google, Facebook, Microsoft, and Twitter, as well as banks, cloud services, and government agencies. Users are advised to change passwords, enable two-factor authentication, and use unique, strong passwords.