5 comments

[ 4.8 ms ] story [ 20.5 ms ] thread
My search led me to a dead RaidForums thread (https://raidforums.com/thread-123903-page-2.html), but more actual details were up on eg. (be careful with sites like these)

https://winbuzzer.com/2021/02/09/billions-of-user-passwords-...

I wonder why is it so hard for us "regular folk" to get a hold of this DB (surprise, surprise, I do NOT want to query my credentials on another web site), yet regulars on these "hacking" forums probably have it easy.

There is still a live thread on that forum that can be found via Google. I don't want to link to it because I'm not sure if that's allowed. Just search for the name of the forum followed by the abbreviation of the database and you will probably find it.
If this is real, why is there no interest in this story?!

Ah.. it says it's not a new leak, just old ones combined. Strange article. The highlight for me was:

"Because COMB is a quick, searchable, well-organized database of past major leaks, it naturally contains past leaks."

I was told that this database also contains user credentials that were unknown to Have I Been Pwned, so maybe there were also some newer or lesser known breaches compiled in. In any case it is a valuable resource when you don't trust services like HIBP. That database contains some ancient user credentials of mine, I should probably check if family and friends are in there as well and if they are, urge them to change those passwords in case they are still using them somewhere.
Thanks. It contained my current email password!