1.4 billion personal records leaked to the dark web in plaintext

It is one of the largest data leaks in history - and free to access

2017 has seen several massive data breaches, with millions of people affected. If you were one of them, it's very likely that your details can now be found on the dark web.

Cyber criminals have leaked the personal details of more than 1 billion people, in one of the largest such incidents in history.

Rather than being the result of a new data breach, security firm 4iQ said that the files were an amalgamation of those from several past breaches, collated into a single database that is over 41GB in size.

The details in the database include usernames, email addresses and passwords in plaintext - so can be read by anyone accessing the file. A frankly shocking proportion were shown to be of the weakest variety: 123456, qwerty and password among the most serious offenders.

Worryingly, 4iQ estimates that 14 per cent of the 1.4 billion records (almost 200 million) have not been seen in a decrypted form in previous leaks.

The data, which is alphabetised in the plaintext file, comes from about 250 previous breaches, including those affecting Netflix, LinkedIn and YouPorn. Although some of these breaches are old, the data is still useful to cybercriminals. 4iQ says that it tested ‘a small subset' of credentials and found that many of them are still valid.

Part of the problem is that people tend to re-use passwords between websites. That means that even if they have changed their password for a website that was breached, re-using the same email and password combination elsewhere could mean that attackers could access information in the second account.

The author of the file has not been identified, but Bitcoin and Dogecoin wallet addresses have been posted for anyone who wants to donate - the file is free to access.