pemiblanc.com

Critical Impact

2 April 2018

•

110,964,206 records affected

•

BreachAware

Search on Google

Description

In April 2018, a credential stuffing list containing over 100 million email addresses and passwords was discovered on a misconfigured French server at pemiblanc.com. Multiple exposed text files contained massive lists of email addresses and passwords that were collected from various data breaches and used to fuel Account Takeover Attacks (ATO) against other services. The dump was made readily available on various hacking forums in July 2018.

What to do if you're affected

1.Change your password immediately if you have an account with this service
2.Enable two-factor authentication (2FA) wherever possible
3.Check if your email appears in the breach using Have I Been Pwned
4.Monitor your accounts for suspicious activity
5.Consider using a password manager to generate unique passwords

Learn More About Data Breaches

Have I Been Pwned

Check if your data has been compromised

ENISA

EU Agency for Cybersecurity