How the Pwnedlist Got Pwned

Brian Krebs reports:

Last week, I learned about a vulnerability that exposed all 866 million account credentials harvested by, a service designed to help companies track public password breaches that may create security problems for their users. The vulnerability has since been fixedbut this simple security flaw may have inadvertently exacerbated countless breaches by preserving the data lost in them and then providing free access to one of the Internet’s largest collections of compromised credentials.

Read more on KrebsOnSecurity.

About the author: Dissent

Comments are closed.