A vast compilation of 56 million email addresses and 124 million unique passwords has been added to the Have I Been Pwned database. This isn't a new breach but an alarming aggregation of credentials from countless past infostealer malware attacks. These "infostealers" are widespread, with billions of records compromised, enabling cybercriminals to launch credential stuffing attacks, particularly targeting users who reuse passwords. Experts urge immediate action: check HIBP for your details, change any compromised passwords, enable two-factor authentication, and adopt a password manager for unique, strong credentials. Consider switching to passkeys where available for superior security.
Davey Winder is a Senior Contributor at Forbes. He is a seasoned technology journalist with a focus on cybersecurity, covering critical topics such as cybercrime, data breaches, and device security, along with insights into the evolving landscape of IoT security and blockchain technology. Davey’s work has been featured in numerous outlets, including IT Pro, Yahoo News, and Forbes Australia.

















