Police in the German city of Verden say they’ve identified a stash of 18 million email addresses and associated passwords. The news comes just months after German authorities discovered 16 million credential sets stolen by cybercriminals.
According to Der Spiegel (report in German), it’s believed that at least three million of the 18 million usernames and passwords belong to users from . The number could be higher since many of them are .com addresses whose origin is more difficult to determine.
Unlike the previous incident, when many of the passwords were outdated, this time the data appears to be fresh. Verden authorities have notified the country’s Federal for Information Security (BSI) of their findings.
Der Spiegel has conducted an analysis of the incident and has determined that this latest incident could be connected to the one in which 16 million credentials were found.
In January, after the 16 million email addresses and passwords were uncovered, the BSI set up a new service in with Deutsche Telekom, Avira and other organizations to help users determine if their credentials were compromised.
It remains to be seen if the BSI launches a new website or updates the old one to include the newly uncovered information.