That 16 Billion Password Story (AKA "Data Troll")
11 days ago
- #media-sensationalism
- #cybersecurity
- #data-breach
- Headlines about data breaches often exaggerate the number of passwords exposed for clickbait.
- A recent headline claimed 16 billion passwords were exposed, but the actual impact was much smaller.
- The data came from various infostealer logs, not a single breach, and much of it was already known.
- Analysis of the data showed 2.7 billion rows distilled down to 109 million unique email addresses.
- 96% of the email addresses and passwords in the data were already in Have I Been Pwned (HIBP).
- Only 4.4 million new email addresses were added to HIBP from this dataset.
- The data is not new and doesn't pose additional risks beyond what was already known.
- Media sensationalism around data breaches can distort the actual severity and impact.