1.4BillionRecords
About This Breach
A company called 4iQ in 2017, discovered a massive database of stolen usernames and passwords that was being traded on the dark web. The database, which was referred to as the ""largest-ever"" breach at the time, contained over 1.4 billion unique username and password combinations, as well as other personal information such as email addresses and IP addresses.
Data Exposed
Breach Details
| Breach Type | Combo List |
| Searchable | Yes |
| Verified | Yes |
| Sensitive Data | No |
| Reference | https://www.forbes.com/sites/leemathews/2017/12/11/billion-hacked-passwords-dark-web/?sh=632358521f2f (opens in new tab) |
Frequently Asked Questions
When did the 1.4BillionRecords data breach happen?
1.4BillionRecords was breached in Mar 2017. The breach was added to the XposedOrNot index on November 8, 2023.
How many records were exposed in the 1.4BillionRecords breach?
1,114,303,554 records were exposed, making it the #1 largest of the 763 breaches in our index.
What data was exposed in the 1.4BillionRecords breach?
The exposed data includes: Email addresses, Names.
What should I do if I was affected by the 1.4BillionRecords breach?
Change your password on the affected service (and anywhere you reused it), turn on two-factor authentication, and set up free breach alerts on XposedOrNot so you know the moment your email appears in a new breach.
What Should You Do?
Enable Two-Factor Authentication
Add 2FA on all supported accounts using an authenticator app like Google Authenticator or Authy.
Monitor Your Accounts
Set up login alerts and review account activity regularly for suspicious access.