LinkPass collection

The LinkPass collection surfaced in 2022 as a massive aggregation of compromised credentials. This dataset was primarily compiled through the use of information stealing malware designed to extract saved login information directly from web browsers. The breach scale is estimated at approximately 150 million records. The data included user identifiers such as nicknames, email addresses, and phone numbers paired with plain text passwords. Additionally, the collection specified the targeted websites for each set of credentials, making it a highly dangerous asset for credential stuffing attacks across numerous platforms globally.