According to The Indian Express, more than 772 million email addresses and 22 million passwords have been found to be compromised. This is allegedly the biggest data breach in recent times.
Microsoft's regional director and MVP for developer security, Troy Hunt calls it Collection #1. He was the first to reveal the breach. The collection was uploaded to cloud service MEGA and contained over 12,000 files which add to 87GB. The collection has since been deleted from MEGA.
He said that the collection dump was a set of email addresses and passwords totalling 2,692,818,238 rows.
He later created a website haveibeenpwned.com for people to check if their email address or passwords have been compromised.
He explained in his blog post that if a password that you use shows up there, then it's time to stop using it.
The emails were listed against breached sites, so the same email ID could be breached on many of the listed sites.
The risk, Hunt said, is of credential stuffing, where people are used to recycling passwords across different email IDs.