124 Million Ukrainian Passwords Leaked Online in Massive Data Breach

New Data Collection Uncovered

According to НВ — Техно: A newly discovered trove of stolen credentials-containing over 56.3 million unique email addresses and 124 million unique passwords-has been uploaded to the Have I Been Pwned (HIBP) service. Unlike typical breaches that stem from attacks on a specific company or website, this data was harvested by information-stealing malware known as infostealers. The HIBP database was updated with this information on June 15.

HIBP representatives verified the dataset, confirming its authenticity. While many of the passwords are outdated, a significant portion remain active, highlighting ongoing security risks for users. For context, in November of the previous year, the same service flagged a collection of 1.3 billion passwords, underscoring the persistent threat of data leaks in the digital landscape.

Cybersecurity Experts' Recommendations

Cybersecurity experts strongly urge anyone who finds their credentials in the leaked database to change their passwords immediately across all platforms. To enhance security, they recommend the following steps:

• Use password managers.
• Enable two-factor authentication without exception.

These measures can significantly reduce the risk of unauthorized access to personal information.

This incident underscores the ongoing danger of data breaches in the digital world and the critical importance of safeguarding personal information. Users must remain vigilant about account security, as even old passwords may still be active and exploited by malicious actors. Regularly updating passwords and adopting additional protective tools like two-factor authentication are no longer just suggestions-they are essential practices for maintaining cybersecurity.

The recent data breach highlights the ongoing challenges in cybersecurity, particularly as cybercriminals continue to target sensitive institutions. In a related incident, hackers are now impersonating Ukraine's Central Bank and Presidential Office, demonstrating the evolving tactics used in cyberattacks. For more insights on this alarming trend, see how these impersonations are affecting national security and public trust in our latest report on cybercriminal activities.