1.4B Credentials Dumped, Dark Web Database Found

From Data Dump to Dark Web Database 

On Dec. 5, 2017, a massive database with data from over 300 data breaches was discovered on the Dark Web. This Dark Web database contains over 1.4 billion unique clear text, or publicly viewable, login credentials, which experts have confirmed are legitimate pairings.

To make a long story short, 41GB of publicly viewable data was dumped on the Dark Web. From there, the information became accessible via a “Dark Web database,” allowing hackers to search the aggregated data by password type, user, breach event and more.

Unlike a single data breach event, this database aggregates breached data from hundreds of big-name data breaches like Netflix, LinkedIn, Minecraft and Bitcoin. The database is even more concerning because the information was found in clear text – meaning that anyone with access to it can view it. 

Largest Dark Web Aggregate List to Date

Exploit.In & AntiPublic Data vs. december 2017 dark web database; Source: 4iQ

Exposed Information

Exploit.in & AntiPublic Lists

Dark Web Database

Users (username/email)






Other breach aggregates like “AntiPublic” and “Exploit.in” hardly compare to this Dark Web database. 4iQ, the security company that originally discovered the dump, found 133 sets of data from both existing and new data breaches not included in AntiPublic or Exploit.in data. Overall, 385 million new credential pairs, 318 million new unique users and 147 million new passwords have been confirmed.

Security analysts have also noted that the database allows Dark Web users to easily search for specific information. For example, when 4iQ searched “admin,” “administrator” and “root,” 226,631 admin users appeared in the search results.


Why Password Security is Crucial

If you’re still on the fence about password reuse, let’s discuss how this Dark Web database can make it even easier for hackers to gain access to your online accounts.

Password reuse, or using the same login credentials for multiple websites, is the easiest way for criminals to hijack your accounts. Criminals can use the Dark Web database to find already-breached login credential pairs and attempt to log into other accounts.

For example, let’s say your Netflix credentials are the same as your online banking portal credentials. Since Netflix data was found amongst the information in this Dark Web database, a hacker could obtain your Netflix login credentials and use them to legitimately log into your online banking portal.

As avoidable as this sounds, password hijacking and account takeover via password reuse happens all the time. LastPass found that nearly 60 percent of us are regularly reusing passwords across all accounts. Additionally, 41 percent of surveyed employees said they used the same passwords for both personal and work accounts.


The Future of Breached Data

Security experts are concerned that these dataset dumps will likely evolve on the Dark Web. Terry Ray, CTO of security company Imperva, notes that the credentials found in this database are “only valid as long as users continue to make poor choices in password usage.” However, if criminals began using datasets to dump more personal information like names, Social Security numbers, and addresses, future databases could increase the “long-term value and longevity” of breached data.

What should I do?

Use the tips below to properly secure your online credentials and avoid future impact from this breach, as well as any other major data breach event:

Password Security Tips:

  1. Change your passwords immediately, especially online banking portals and email accounts.
  2. Do NOT use the same login credentials for multiple accounts. Password makes it much easier for hackers to legitimately access your accounts – even if they were not directly affected by a breach.
  3. Create unique passwords, keep them secure, and don’t share them. Password tools like password managers and generators are widely available, and they can be used for both personal and work-related accounts.

Online Resources & Tools:

  1. Have I Been Pwned?: Use this online resource to see if your usernames/email addresses were impacted by a major data breach.
  2. Password Strength Test: Use this online resource to see how long it would take hackers to crack your passwords, and get tips on how to improve them.

EZShield Online Customers

Did you know that you already have a Password Manager and generator tool accessible through your online dashboard? If you haven’t already done so, be sure to create your account and download our mobile app to access your Password Manager anywhere you go.

Continue following Fighting Identity Crimes to stay up-to-date on the latest ID Protection news, breach and scam updates and effective tips from our industry experts.

The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.

John is General Counsel and Chief Privacy Officer of Sontiq, the parent company of the EZShield and IdentityForce brands. He is a Certified Compliance...
Read more about John Burcham.


    • Hi Edward,

      We’re sorry that you are experiencing issues related to these scams. Our Resolution Center will be able to better assist you, and will be in contact with you shortly.


      The EZShield Team


Leave a Comment.