2.2 billion unique accounts compromised after ‘Collections #2-5’ dumped on torrent sites, here’s how to check yours

Earlier this month we saw what was considered to be the largest ever dump of stolen internet accounts with 773 million email addresses and 21 million passwords. The dump of compromised accounts was called “Collection #1”. Now, Collections #2-5 have been dumped and the numbers are staggering: 845GB of stolen data that includes 25 billion total records and 2.2 billion unique usernames and passwords.

Author Ad Placeholder
Will only appear on redesign env.

As reported by Wired, Collections #2-5 more than double the number of comprised accounts that have surfaced from Collection #1. Security researchers have concluded that 25 billion stolen records with 2.2 billion unique usernames and passwords are the numbers after accounting for duplicates found in Collections #2-5, creating a new record for the biggest data breach collection.

“This is the biggest collection of breaches we’ve ever seen,” says Chris Rouland, a cybersecurity researcher and founder of the IoT security firm Phosphorus.io, who pulled Collections #1–5 in recent days from torrented files.

Unfortunately, this massive collection of data has been making the rounds on the black market and Rouland says that the collection has been downloaded over 1,000 times on torrent sites already.

He could see that the tracker file he downloaded was being “seeded” by more than 130 people who possessed the data dump, and that it had already been downloaded more than 1,000 times. “It’s an unprecedented amount of information and credentials that will eventually get out into the public domain,” Rouland says.

Notably, much of the stolen information stems from prior breaches of Yahoo, LinkedIn, and Dropbox, but has just now surfaced with these massive dumps.

The sheer size of the collection also means it could offer a powerful tool for unskilled hackers to simply try previously leaked usernames and passwords on any public internet site in the hopes that people have reused passwords—a technique known as credential stuffing. “For the internet as a whole, this is still very impactful,” Rouland says.

You can check if any of your accounts have been compromised as a part of Collection #1 at Have I Been PwnedWired notes that Have I been Pwned hasn’t been updated with Collections #2-5 yet, but the Hasso-Plattner Institute’s tool has been.

Remember to always use 2FA when possible, use strong, unique passwords for each account you own, and make use of a password manager to help keep track of everything.

Check out 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel



Avatar for Michael Potuck Michael Potuck

Michael is an editor for 9to5Mac. Since joining in 2016 he has written more than 3,000 articles including breaking news, reviews, and detailed comparisons and tutorials.