You are reading a single comment by @hippy and its replies.
Click here to read the full conversation.
-
https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/
Looks like a bunch of services. You can read more about it and see if anything rings a bell or try and get hold of it and check which details of yours were found.
hippy
I got this message today from HIBP
“ In September 2023, over 100GB of stealer logs and credential stuffing lists titled "Naz.API" was posted to a popular hacking forum. The incident contained a combination of email address and plain text password pairs alongside the service they were entered into, and standalone credential pairs obtained from unnamed sources. In total, the corpus of data included 71M unique email addresses and 100M unique passwords.‘
The problem is, I have no idea which service/password was compromised so the notification seems inactionable.
Anyone have any ideas?