244 million stolen passwords exposed in crime forum leak

A breach on a crime forum has exposed 244 million stolen passwords from a hacker database.

What happened

A breach was reported involving the theft of 244 million previously unseen passwords from a hacker database. The data was exposed on a crime forum known as ALIEN TXTBASE, which operates as a Telegram channel. The breach stems from infostealer malware that compromises devices by capturing user credentials. The latest leak, which also includes 284 million unique email addresses, has raised concerns across the cybersecurity community. Troy Hunt, the founder of the well-known breach alert service Have I Been Pwned, confirmed the breach on February 25, 2025, after analyzing the compromised data.

Going deeper

The stolen data includes 1.5TB worth of stealer logs, with 23 billion rows of data and nearly 500 million unique email and website address pairs. While most of the email addresses had already been flagged in previous breaches, 244 million passwords had never been seen before. These passwords were added to Pwned Passwords, the service’s public repository of compromised passwords. According to Hunt, the passwords were collected by malware that captures credentials entered on infected devices and then adds them to stealer logs, which are sold on cybercrime marketplaces. 

What was said

Hunt discussed the seriousness of the breach, noting that it is yet another example of how cybercriminals are using platforms like Telegram to distribute large quantities of stolen data with ease. "Telegram makes it super easy to publish large volumes of data under the veil of anonymity," Hunt said, expressing concern over how easily this type of data can be spread across the dark web. 

The big picture

A breach like this isn’t just about numbers. Cybercriminals are constantly gathering fresh data and finding new ways to exploit it. Telegram and other encrypted platforms have turned into digital black markets where stolen credentials spread fast. The real risk isn’t just losing access to an account, it’s what happens next. One exposed password can lead to drained bank accounts, stolen identities, and a long, frustrating fight to regain control. Protecting yourself means using strong, unique passwords and locking down accounts with multi-factor authentication.

FAQs

How can I check if my password was stolen?

You can check if your credentials were compromised by visiting Have I Been Pwned and entering your email address or password.

What should I do if my password was exposed?

Immediately change the compromised password, especially if you’ve reused it on other sites. Enable multi-factor authentication (MFA) wherever possible for added security.

How do infostealer malware attacks happen?

Infostealer malware often spreads through phishing emails, malicious downloads, or fake software updates. Once installed, it captures and logs your credentials as you enter them.

Why is Telegram being used for data leaks?

Cybercriminals prefer Telegram due to its anonymity, ease of use, and encrypted messaging, which allows them to distribute stolen data without detection.