StealerLogsJan2025

High Impact

13 January 2025

•

71,039,833 records affected

•

HaveIBeenPwned

Search on Google

Description

In January 2025, stealer logs with 71M email addresses were added to HIBP. Consisting of email address, password and the website the credentials were entered against, this breach marks the launch of a new HIBP feature enabling the retrieval of the specific websites the logs were collected against. The incident also resulted in 106M more passwords being added to the Pwned Passwords service.

What to do if you're affected

1.Change your password immediately if you have an account with this service
2.Enable two-factor authentication (2FA) wherever possible
3.Check if your email appears in the breach using Have I Been Pwned
4.Monitor your accounts for suspicious activity
5.Consider using a password manager to generate unique passwords

Learn More About Data Breaches

Have I Been Pwned

Check if your data has been compromised

ENISA

EU Agency for Cybersecurity