← All articles

56 million accounts surface in latest infostealer log compilation

Breach-tracking service Have I Been Pwned has added a fresh batch of stealer logs covering 56,278,397 accounts, harvested by infostealer malware from infected computers. Unlike a single company breach, stealer logs are credentials and session data scraped directly from victims' devices, often capturing the exact website-and-password pairs a person types, plus browser cookies that can let attackers skip login entirely. Because the data comes from malware on individual machines, exposure cuts across countless unrelated services. The scale is a reminder that infostealer infections, frequently spread through cracked software, malicious ads, and fake downloads, remain one of the biggest sources of credential theft.

Check
Check whether your email or your organization's domains appear in Have I Been Pwned's stealer-log dataset, and look for signs of infostealer infection such as unexpected logins or browser-session anomalies.
Affected
Anyone whose device was infected by infostealer malware; exposed data includes saved website passwords and browser session cookies that can bypass logins across many unrelated services.
Fix
Reset passwords for exposed accounts from a clean device, invalidate active sessions, enable phishing-resistant MFA, and run endpoint malware scans to find and remove the underlying infostealer.