Over 80 million e-mail addresses and passwords leaked including from South Africa and Nigeria

Over 80 million e-mails linked to online accounts and passwords, have been leaked on the Internet. The leaked data comes from a collection of 2,844 files compressed into a 8GB file and posted on a "well-known hacking forum" as Troy Hunt, Security Researcher and Founder of haveibeenpwned, reported.

A quick look at the list of text files contained within the compressed file reveals that several domains in both South Africa and Nigeria were affected by the data breaches and have their users' login credentials leaked online. Some of these domains include:

  • jozifm.co.za
  • www.engineeringnews.co.za
  • unizik.edu.ng
  • oscotechesaoke.edu.ng

"Almost all the files are just email addresses and plain text passwords (the occasional file has a username that's not an email address and a password). This is interesting in that it's reminiscant of the Explouit.In and Anti Public credential stuffing lists I loaded back in May. However, in those cases they were single lists amalgamated from multiple sources whilst in this case, we're looking at individual website names that appear to have had merely the credentials extracted from the source data breaches. It's also interesting because among nearly 3k other breaches, the data contains Dropbox," said Hunt.

This is not the first time that such a large data leak affecting users in Afrika has made its way into Hunt's haveibeenpwned service. In 2017 South Africa became aware of its largest ever data leak with over 60 million personal records, including e-mail addresses, ID numbers and more.

"I have no idea how many of these are legitimate, how many are partially correct and how many are outright fabricated. I've consequently flagged this "breach" in HIBP [haveibeenpwned] as unverified. However, I can confidently say that amongst this set was a large number of records in breaches that I've previously verified and that per the Dropbox example, there are passwords that have been used by the email addresses they're associated with," said Hunt.

Comments