Pastebin publishes over 300,000 hacked account details in 12 months

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

PastebinThe security researchers at High-Tech Bridge have been taking a close look at Pastebin.com, a site which is used legitimately by programmers to share code – but also popular with hackers who wish to anonymously dump stolen data to provide evidence of a successful breach.

Having discarded from its study obvious fakes, duplicates and minor information leaks involving more than 100 users, High-Tech Bridge discovered evidence that details of 311,095 compromised accounts (usernames and passwords) had been published on Pastebin in the last 12 months.

And it didn’t stop there, according to the Swiss firm, which noted that on average each leak recorded on Pastebin contained 1000 user credentials:

In many cases other personal details, such as credit card numbers, addresses and phone numbers of the victims were also published by the hackers.

Worst of all, according to researchers, the details published on Pastebin often reflected a mere “0.01% – 1% of the total information compromised by the hackers.”

Sign up to our free newsletter.
Security news, advice, and tips.

High-Tech Bridge CEO Ilia Ilia Kolochenko believes the problem seen on Pastebin to be just the tip of the iceberg:

“300,000 compromised user accounts during the last twelve months is a huge number if we take into consideration that this amount of information is being stored just on one single legitimate website. Moreover, these 300,000 are just a small percentage of the stolen information posted publically by hackers. It’s impossible to make a precise estimate of how many user accounts were really compromised, but I think we can speak about several hundreds of millions at least. People finally need to understand that the Internet is very hostile place, while online service providers need to finally start taking network security seriously.”

Effectively, the hackers are using Pastebin as a means to advertise their hacks, and their capabilities, whilst still impacting thousands of computer users and firms around the world.

Some companies have become so worried about their private data appearing on Pastebin that they use search engine bots to automatically scour the site at regular intervals, hunting for confidential information which may relate to their business.

So what kind of information is being leaked on Pastebin?

As the following chart shows, the most common source for the leaked information published on Pastebin are email systems:

Main source of leakages posted on Pastebin

Source of Leakage Percentage from Total
Email Systems 40.9%
Miscellaneous / Mixed / Unknown 40.6%
Social Networks 13.1%
Online Games 2.8%
Online Payment Systems 1.5%
Online Shops 1.1%

Two webmail services rule the roost when it comes to the most likely leaked credentials: Gmail and Yahoo. Perhaps that’s not surprising considering the popularity of the email services.

Most frequent compromised emails posted on Pastebin

Most Popular Domain Percentage from Total
gmail.com 25.1%
yahoo.com 22.0%
hotmail.com 7.6%
mail.ru 5.2%
Others 38.2%

By the way, in case you are wondering, social networking login credentials are often frequently posted on Pastebin by hackers. And there are no surprises at all which social network tops the chart.

Facebook accounts for a massive 92% of all compromised social network accounts listed on Pastebin, with Twitter taking up most of the remaining space with 7.8%.

For its part, Pastebin says that it receives a large volume of emails from users reporting abuse on its site, and does attempt to take “appropriate action” within 24 hours.

Of course, by then it’s often too late.

You can learn more about High-Tech Bridge’s examination of compromised accounts published on Pastebin, on the security firm’s website.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.