Have I Been Pwned (HIBP), the favored breach notification service, has added one other large dataset to its platform. This time, 1.96 billion accounts related to the Synthient Credential Stuffing Menace Information, in collaboration with the threat-intelligence agency Synthient.
Customers who subscribe to HIBP alerts, together with this author, acquired an e mail notification stating: “You’ve been pwned within the Synthient Credential Stuffing Menace Information knowledge breach.”
In response to the message, the incident entails practically two billion distinctive e mail addresses and round 1.3 billion passwords. The info consists of e mail addresses and passwords that had been compiled from earlier breaches and circulated inside credential-stuffing lists. These lists are generally utilized by attackers to focus on accounts the place customers have reused passwords throughout a number of platforms.
The notification specifies that the breach occurred in April 2025, however notes that knowledge like this could take months and even years earlier than it turns into publicly accessible and is processed by HIBP. The platform goals to alert customers as quickly as the info turns into verifiable and out there for inclusion.
What the Information Is and How It Originated
HIBP’s description explains that the data was not taken straight from a single hacked service. As a substitute, it was aggregated by Synthient, a threat-intelligence agency that collects and analyses credential-stuffing knowledge from malicious sources throughout the web.
Throughout 2025, Synthient compiled practically 2 billion distinctive e mail addresses from varied breached databases, many already circulating in clear and darkish internet boards. These credentials are sometimes utilized by cybercriminals to automate login makes an attempt on unrelated platforms in hopes of getting access to extra accounts by password reuse.
Not the First Synthient Dataset Added to HIBP
This isn’t the primary time Synthient knowledge has appeared on Have I Been Pwned. In October 2025, as reported by Hackread.com, HIBP added one other dataset titled Synthient Stealer Credentials, which contained 183 million stolen credentials harvested from stealer logs.
That earlier assortment represented info straight extracted from contaminated gadgets, whereas this new addition is a compilation of credentials gathered from credential-stuffing lists fairly than reside malware infections.
What Customers Ought to Do
The addition of this knowledge exhibits the dangers of password reuse and large-scale credential aggregation. Even when the info isn’t from a brand new direct breach, having your e mail and password seem in such lists means your accounts may very well be in danger.
For now, it’s endorsed that anybody notified by the service ought to change reused passwords instantly, allow two-factor authentication, and keep away from utilizing the identical password throughout a number of accounts.
Keep away from the Clickbait Confusion
Readers must be cautious about exaggerated or deceptive studies that will floor following this replace. This incident isn’t a direct knowledge breach. The dataset combines info from beforehand uncovered credentials present in a number of sources and compiled by Synthient.
The gathering consists of e mail addresses from many suppliers equivalent to Hotmail, Gmail, Yahoo, and others, however that doesn’t imply these providers had been hacked. Claims like “2 billion Gmail accounts hacked” or “Google breached” will likely be false and deceptive.
Abstract
- Breach Title: Synthient Credential Stuffing Menace Information
- Date of Breach: April 2025
- Accounts Affected: 1.96 billion
- Information Uncovered: E-mail addresses and passwords
- Supply: Aggregated credential-stuffing lists collected by Synthient
- Associated Incident: Synthient Stealer Credentials (183 million accounts, added October 2025)
