Collection-1
About This Breach
Collection #1 is the name of a collection of email addresses and passwords that appeared on the dark web around January 2019. The database contains over 773 million unique email addresses, resulting in more than 2.7 billion email/password sets.
Data Exposed
Breach Details
| Breach Type | Combo List |
| Searchable | Yes |
| Verified | Yes |
| Sensitive Data | No |
| Reference | https://en.wikipedia.org/wiki/Collection_No._1 (opens in new tab) |
Frequently Asked Questions
When did the Collection-1 data breach happen?
Collection-1 was breached in Jan 2019. The breach was added to the XposedOrNot index on November 8, 2023.
How many records were exposed in the Collection-1 breach?
790,803,860 records were exposed, making it the #2 largest of the 763 breaches in our index.
What data was exposed in the Collection-1 breach?
The exposed data includes: Email addresses, Passwords.
What should I do if I was affected by the Collection-1 breach?
Change your password on the affected service (and anywhere you reused it), turn on two-factor authentication, and set up free breach alerts on XposedOrNot so you know the moment your email appears in a new breach.
More Information Technology Breaches
What Should You Do?
Change Your Passwords
Update your password immediately, using 12+ characters with numbers and symbols.
Enable Two-Factor Authentication
Add 2FA on all supported accounts using an authenticator app like Google Authenticator or Authy.
Monitor Your Accounts
Set up login alerts and review account activity regularly for suspicious access.
Use a Password Manager
Never reuse passwords: use a password manager to generate unique ones for each account.