ShellCodeX Breach Report
June 2026 Stealer Logs Data Breach
Verified breach
Passwords exposed
Accounts exposed
56,278,397
Breach date
15 Jun 2026
Added to tracker
15 Jun 2026
Data classes
2
What happened
In June 2026, a collection of accumulated stealer logs from various sources was added to HIBP. The corpus comprised 56M unique email addresses across hundreds of millions of stealer log records. The data also contained 124M unique passwords, which have been added to Pwned Passwords and are now searchable. Individuals can view any records captured against their email address in the stealer logs section of their dashboard. Organisations can see logs affecting their domain via the stealer logs API.
Exposed data
Email addresses
Passwords
Recommended actions
- Change your June 2026 Stealer Logs password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing June 2026 Stealer Logs โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP