This week, about 6 million entries were published on the Tor forum called Cebulka, which were supposed to contain Polish users' login details for the most popular portals.

How were the passwords stolen? There is a probability that they were downloaded from users by means of malware, so-called "stealer". Once infected, it downloads all the passwords on the victim's computer and sends them to the creators. Additionally, it is quite likely that the database is very up to date. It can be concluded that it has data even from 2023, and the number of victims is estimated at over 100,000 victims.

Example domains and number of items:

facebook.com: 119 334

allegro.pl: 88 282

.gov.pl: 44 385

Poczta.onet.pl: 28 747

Poczta.wp.pl: 12 056

x-kom.pl: 10 761

apricots.net: 2672

online.mbank.pl: 10 140

.ingbank.pl 1227

Some time ago, there was a bank customer data leak. As a consequence, banks blocked the possibility of paying by card for a limited period of time. It is possible that these events are related.

Source: zaufanatrzeciastrona.pl