DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Another day and Another Bulk Breach Dump Totaling over 3.4 Billion Credentials.

Posted on February 27, 2018 by Lee J

Reshared, Recycled, Swapped and Sold breach data is being a common thing and well once again someone has complied a bunch of public and not so public combo lists from well known previous breaches that when combined have a total of 3,443,684,697 Emails with 2,914,838,915 of them being unique leaving only about 333K duplicate entries.

The leak has originated from raidforums and was posted at First in the services section for general stuff by tutweb on the 20th of feb 2018 where they was asking at $70USD.

19th Feb 2018
First thread posted with links to a 8.77GB leak which contains ver 3000 databases, recently troy hunt had processed this data and done a nice article about it here.

20th Feb 2018
Posted for sale thread asking $70USD for the 154GB leak with links to a selly.gg shop that also contains various other for sale combo lists.

22nd Feb 2018
Posted another thread with links to the full 154GB leak which was hosted on fex.net.

Capture

Before even starting to download it, it was very clear that the data was a mix of old data but what was not clear was if there was any new or unseen data in this leak. After spending many hours ( no joke over 30hours because fex.net just has awesome speeds. ) downloading this data i set about figuring out how many total of emails/combo lists are in it, where the data has come from and what it is exactly.

The description of the post from the 20th had probably the most clear explanation of what and where this data came from.

Shops — 44 files -869.9 MB
Social networks – 2 files 85.1 MB
User:pass 11 files 452.8 MB
Country – 295 files – 1.82GB
Other – 2,7GB/ email for spam Dorks …..
Base – 35 files 3.26gb Privat Publick email;pass
Dump hash – 2490 files 3.86GB
Base with email access – 45 files – 1.21GB
Dumps Dehash/ all database email:pass – 3019 files – 8.77GB (games shop btc sites)
Game – 29 files 2.5GB
antipubluck personal – 305 files – 115.1GB – first Very big email pass database.
Russian – 36 files 1.64gb (mail.ru yandex.ru rambler.ru)
Money – very good database for brute money service. ebay amazon and other – 22 files 2.58 GB
BTC – database for brute BTC service – 18 files – 1.18GB
USA – usa database – 31 files 7.47GB

For the most part, the format of the leaked contents is all .txt files with lists of email:pass with the exception of files in the logs folder which contains 949 compressed files over 5 folders which are sorted into dates from early 2018 of a credentials stealer named Project Evrial which is being sold recently in clearnet market places for $40USD.

Each file in this directory contains a desktop.jpg, passwords.log and cookies folder with the passwords.log file being a log of the users login attempts that have been captured.

The other folder that is not included into the total count provided above is the Miscellaneous Folder which contains another huge load of leaks it self with 2.81GB and 338 files which includes compressed files as well. I left this out of the calculation until further notice as the contents here are a bit scattered in content. The contents in the Miscellaneous folder includes a trove of lists of links to different types of websites, raw dumps from older breaches in 2015/2016 with full sets of information including usernames, phone numbers and dobs for some of them; it also contains various tutorials and search dorks.

Troy Hunt from Have I Been Pwned has recently parsed and documented the 8.77GB leak posted on the 19th as well as adding another 80M entries from over 2800 new breaches to the HIBP database.

At time of publishing tutweb had not replied to my contact requests and all files are still accessible online.

Category: Breach Incidents

Post navigation

← University of Wisconsin-Superior Alumni Association notifies alumni after unintentional exposure of SSN
Another day and Another Bulk Breach Dump Totaling over 3.4 Billion Credentials. →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.