A misconfigured spam server exposed more than 700 million email addresses and some passwords—though the number of real people’s emails addresses is likely lower.
It’s the largest data leak from a spammer, The Guardian reported, but many of the email addresses seem scraped from the internet or guessed by combining words with domain names. The data was available for anyone to download without credentials.
The data, however, appears to be from other previous breaches. Security researcher Troy Hunt told The Guardian that some of the emails and passwords match those from a LinkedIn breach from May 2016.