.webp "361 Million Unique Email Credentials Leaked On Telegram Channels")
.webp&description=361+Million+Unique+Email+Credentials+Leaked+On+Telegram+Channels){kind=link}
A massive data breach has occurred on Telegram, with over 122GB of data scraped from thousands of channels on the messaging platform. This data includes 1.7k files with 2 billion lines and 361 million unique email addresses, out of which 151 million had never been seen in the Have I Been Pwned (HIBP) database before. Along with email addresses, passwords were also part of the stolen data, along with information about the websites the credentials were associated with.
Troy Hunt, the creator of Have I Been Pwned, confirmed the legitimacy of the data and loaded it into the database due to the large number of previously unseen email addresses. Telegram has become a breeding ground for data breaches, as it is easy for users to share information anonymously through channels on the platform. Many data breaches distributed through Telegram appear as “combolists,” which contain combinations of email addresses or usernames and passwords used for unauthorized access to various online services.
The scale of this recent breach is significant, with the data originating from 518 different channels and comprising 1,748 separate files. Some of these files contain no data, while others are several gigabytes in size, with tens of millions of rows. These data sets are likely the result of info-stealing malware that collects user credentials as they are entered into compromised websites.
To verify the accuracy of the stolen data, HIBP conducted tests on various websites using the email addresses and passwords from the breached information. The tests confirmed the existence of the accounts associated with these credentials on platforms such as Nike, Footlocker, and an Italian tire retailer. Subscribers of HIBP were contacted to validate the legitimacy of the data, and their feedback confirmed the reach and uniqueness of the breached information.
The leak of 361 million unique email credentials on Telegram channels underscores the importance of robust cybersecurity measures and the need for users to be vigilant about their online security. This breach serves as a reminder of the risks associated with data exposure and the potential consequences of compromised credentials. As cyber threats continue to evolve, it is crucial for individuals and organizations to prioritize cybersecurity practices to protect sensitive information from unauthorized access.