On January 17, 2019, Troy Hunt (creator of HaveIBeenPwned) disclosed ‘Collection #1’ — an 87GB aggregated credential dump that had appeared on MEGA cloud storage and hacking forums. It contained 772,904,991 unique email addresses and approximately 21 million unique passwords from approximately 2,000+ previously breached websites. This was not a single breach but a mega-aggregation of prior breach data, compiled specifically for high-scale credential stuffing attacks. The sheer size made it the largest credential dataset discovered at the time. HaveIBeenPwned added all 773 million email addresses to its breach notification service, and Troy Hunt’s disclosure post became one of the most-read cybersecurity articles of 2019. Collection #1 was later revealed to be just the first in a series — Collections #2 through #5 totaling an additional 845GB were also circulating, meaning the true total compiled credential dataset exceeded 2.2 billion unique email/password pairs.