Researcher releases 10 million usernames, passwords from data breaches

A researcher has released 10 million usernames and passwords collected from data breaches over the last decade, a step he worries could be a legally murky but one that will help security research.

The data comes from major data breaches at companies including Adobe Systems and Stratfor, all of which have already been publicly released and can be found through Web searches, said Mark Burnett, a Utah-based security consultant who has written several networking and security books.

Most of the passwords are likely invalid, and he has scrubbed other information such as domain names to make it unusable for hackers, Burnett said. Still, usernames or passwords found on the list that are still used should be changed.

To read this article in full or to leave a comment, please click here