Credential theft and device data exfiltration.
Naz.API is a corpus of stealer logs and credential-stuffing lists posted to a hacking forum in September 2023, containing 71 million unique email addresses and about 100 million unique plaintext passwords, often alongside the service each credential was used for. Roughly a third of the credentials had not been seen before.
ObscureIQ assessment: Because it mixes stealer logs and cred-stuffing lists, presence does not by itself prove infection; the mitigation is unique passwords and MFA.
The plaintext passwords tied to specific services are directly usable for account takeover; presence may reflect either infostealer infection or credential-stuffing collection.
Naz.API is a large aggregated dataset of stealer logs and credential-stuffing lists, not a breach of a single organization.
Time-bounded stealer log dumps typically package credentials, session artifacts, device metadata, and browser-extracted data collected from recently infected systems into a current snapshot. Their workflows emphasize recent collection, bulk consolidation, and easy downstream reuse.
Posted to a hacking forum in September 2023 and loaded into breach-notification services in January 2024, it became a widely referenced credential corpus.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Malware / Infostealer.
If you believe your information may be included:
Naz.API is a corpus of stealer logs and credential-stuffing lists posted to a hacking forum in September 2023, containing 71 million unique email addresses and about 100 million unique plaintext passwords, often alongside the service each credential was used for. Roughly a third of the credentials…
Verified fields include Email Address, Password.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation