There are currently 4,604,676,162 / 4,748,055,404 accounts in our database.

We are in the process of re-indexing databases that where lost.

June 8th, 2016

Preface

Twitter credentials are being traded in the tens of millions on the dark web. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data. This data set was provided to us by a user who goes by the alias "[email protected]", and has given us permission to name them in this blog.


LeakedSource is a search-engine capable of searching over 1.8 billion leaked records -- an aggregation of data from hundreds of disparate sources. We have been able to accumulate this data over a relatively short period of time through a combination of deep-web scavenging and rumor-chasing. Occasionally these efforts lead to major discoveries (e.g. Myspace.com, LinkedIn.com, Badoo.com), but we really aren't too picky. If we come across a leaked database from a company that most people haven't heard of, we will incorporate it into our master database just the same.


You may search for yourself in the leaked Twitter.com credentials by visiting our homepage.


Since embarking on this ambitious project just a handful of months ago, we have processed an unbelievable amount of data. Much more than we expected, more than most large companies will ever house -- and we're just getting started. LeakedSource may soon become synonymous with Big Data, so don't miss out!


Anyone may use the information on this page for free in any capacity provided LeakedSource is given credit and a link back.


LeakedSource does not engage in, encourage or condone unlawful entry ("hacking") into private systems.

Table of Contents

Summary

This data set contains 32,888,300 records. Each record may contain an email address, a username, sometimes a second email and a visible password. We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.


The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter.


The proof for this explanation is as follows:

  • The join dates of some users with uncrackable (yet plaintext) passwords were recent. There is no way that Twitter stores passwords in plaintext in 2014 for example.
  • There was a very significant amount of users with the password "<blank>" and "null". Some browsers store passwords as "<blank>" if you don't enter a password when you save your credentials.
  • The top email domains don't match up to a full database leak, more likely the malware was spread to Russians.


Also we triple checked, Mark Zuckerberg isn't in this data set. We have attempted to contact Twitter to provide them some more information but have not heard back yet. The lesson here? It's not just companies that can be hacked, users need to be careful too.

API

After the last breach we received many requests for API access, and we are launching a business API with a consumer one to follow in the near future. You can read about the API features at our API page.

Passwords

Passwords were stolen directly from consumers, therefore they are in plaintext with no encryption or hashing. Remember that Twitter probably doesn't store the passwords in plaintext, Chrome and Firefox did.


For subscribed LeakedSource users, we are only displaying the first 3 characters of passwords, with a form that will allow you to validate if yours was leaked until Twitter responds to us. Anybody can verify that this form does not transmit any password information to LeakedSource, the verification is done by your browser.


The following table shows the top passwords used by Twitter.com users affected by malware.


RankPasswordFrequency
1123456120,417
212345678932,775
3qwerty22,770
4password17,471
5123456714,401
6123456789013,799
71234567813,380
812332113,161
911111112,138
101234511,239
1112312311,099
129-11-196110,444
13911196110,231
1400000010,124
156666669,264
165555558,586
171q2w3e4r5t8,386
186543218,358
1912348,257
20gfhjkm7,773
2177777777,659
222222226,696
23cepetsugih6,603
247777776,539
259999996,428
261122336,398
271q2w3e4r6,178
288888885,784
293333335,772
30qwerty1235,666
31iloveyou5,443
32exigent5,355
331597535,063
34123qwe4,934
35abc1234,816
36qwertyuiop4,797
371qaz2wsx4,753
381q2w3e4,493
39qqww11224,244
40pakistan4,001
419876543213,926
42qwe1233,597
43samsung3,351
44q1w2e3r43,271

Emails

Simple table of top email domains. Clearly Russian consumers download bad things. 3,022 emails end in *.gov


RankEmail DomainFrequency
1@mail.ru5,028,220
2@yahoo.com4,714,314
3@hotmail.com4,520,434
4@gmail.com3,302,205
5@yandex.ru1,020,757
6@aol.com586,661
7@rambler.ru428,084
8@bk.ru374,855
9@list.ru291,403
10@inbox.ru260,957
11@hotmail.fr196,206
12@hotmail.co.uk193,357
13@msn.com188,220
14@live.com163,167
15@comcast.net145,737
16@yahoo.co.uk104,183
17@ymail.com99,358
18@yahoo.fr85,964
19@sbcglobal.net84,830
20@ukr.net78,879
21@yahoo.co.in72,953
22@web.de67,010
23@yahoo.co.id62,247
24@libero.it60,294
25@ya.ru57,080
26@naver.com50,417
27@hotmail.it48,639
28@live.fr48,179
29@gmx.de47,117
30@rocketmail.com46,162
31@cox.net43,500
32@bellsouth.net42,586
33@hotmail.de39,703
34@rediffmail.com38,585
35@yahoo.com.br36,880
36@att.net35,654
37@live.co.uk35,624
38@verizon.net33,651
39@btinternet.com31,914
40@yahoo.de27,588
41@inbox.lv26,478
42@aim.com26,325
43@googlemail.com25,507
44@i.ua24,779
45@earthlink.net23,475
Follow @LeakedDatabase