Onliner Spambot

What Happened

In August 2017, a spambot by the name of Onliner Spambot was identified by security researcher Benkow moʞuƎq. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled Inside the Massive 711 Million Record Onliner Spambot Dump.

Compromised Data

Email addresses
Passwords

Recommended Actions

Change Your Password

If you haven't changed your password on this service since the breach, do so immediately.

Enable Two-Factor Authentication

If 2FA is supported, add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    711.5 million

  • Breach Occurred:

    August 2017

  • Added to HIBP:

    29 Aug 2017

Recommended Actions

Change Your Password

If you haven't changed your Onliner Spambot password since 2017, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password