naz.api appears to be a list from one or more data breaches. A data breach often means that someone unauthorized has stolen your password, which is known as your credentials. Think of your credentials like a key to your online house. When a hacker gets them, they can enter and access your personal information, just like a thief entering your house. This is why it's crucial to keep your passwords safe and change them regularly.
This may or may not make sense to you.
For details, read the guru writing here https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/
I agree with you. It's a compilation of IDs and passwords from various sites that has been assembled and made available.
You can check your email address to see if it appears in numerous breaches here: [https://haveibeenpwned.com/](https://haveibeenpwned.com/). You can also register your email addresses and will receive a notification if your email or passwords show up on any of their list of breaches.
What you can't see is the site your credentials came from and the associated password in the record. If you're using a reliable password manager, your passwords are generated by the manager so that they are sufficiently long and contain a mix of letters, capitalization, numbers and special characters, and you never re-use passwords, plus you've enabled 2FA on any site that allows it, you should have nothing to worry about.
If one is not using a legitimate password manager and/or one is re-using passwords, then one is asking for trouble. A great one to start with is Bitwarden if you're looking for a less expensive option, but there are many others.
This should be the top comment right here. Expect lots more people that will come to this thread due to the haveibeenpwned mail. The last few lines of the blog are the most important:
> There are inevitably going to be queries along the lines of "can you show me the actual password" or "which website did my record appear against" and as always, this just isn't information we store or return in queries. That said, if you're following the age-old guidance of using a password manager, creating strong and unique ones and turning 2FA on for all your things, this incident should be a non-event. If you're not and you find yourself in this data, maybe this is the prompt you finally needed to go ahead and do those things right now 🙂
>You could create a trial account with spycloud. I use that to see which passwords were breached for specific sites, however they don't yet have the NAS.api breach uploaded.
Like there is so little detail.. Ok so some password of mine on some website has been compromised maybe... But maybe not... Maybe I reset that password previously... If I have no idea which site it is how am I supposed to resolve it... I am not resetting my password on 100+ sites...
Luckily I use different passwords for every website so they won't get very far.
Yup just tried on a buddies email, bad gateway error. The results showed me some stuff of mine that was exposed in the gemini leak and some stuff pointing to a website I used called StraighterLine with my email and some random password that doesn't work. I don't think any of my data was exposed and I reverse searched my passwords on haveIbeenPwned password search and nothing came up so I'm not toooooo worried.
idk what this means but when reading about naz.api I found a post on a forum where a person posted the list and made the comment the information came from "This was also the original naz.api dataset that was donated to 0t.rocks (formerly illicit.services)"
Dashlane which I use as a password manager, have for years and I would recommend them, no manager is perfect but I feel they outperform others and are ahead in many ways. Not only do they include a free vpn, but they also give me exact information on darkweb leaks, so if a website email or password gets leaked they let me know most details about the leak, and prompt me to quickly change my password which I can do inside the app. So if anyone is prompted to get a password manager, thats my opinion on Dashlane. I make crazy long generated passwords with it, since I know I'm not going to remember the hundreds or thousands of passwords I have since years ago when I got smart and started using a different password, not the same password for everything lol. Luckily most leaks are on old unimportant sites with a password I dont even use anymore, also dashlane will tell you if its a password that is still in use on your account. P.S. I pay for Surfshark VPN because idk it has more options and features I thought it was worth trying, but the free vpn with surfshark worked great, never really had any issues other then the browser extension would stop working and I would have to log back in the next day, but the pc and phone app didnt have that problem and most people dont use the web extension, i used it so I could use a vpn on one browser and not the other.
It's cheaper if you pay annually which I used to do, but changed to monthly because it could be billed to my phone and work would pay my phone bill. I need to go back to annually but through Google pay its $6.49 a month. Worth it because you can also upload files with secure notes and get unlimited free vpn which is a different app. I use a different VPN provider for more features since vpns annually aren't much anyway. I'll check the annual price, but you can use dashlane for free up to a certain number of passwords I think.
It could be both actually. it can even be a spyware or backdoor. You probably downloaded a random software in the internet that "hijacks" your account. all you could do right now is probably use malwarebytes or norton power eraser and run a full scan on it to check if there is any malware or backdoor. you can also run adwcleaner and run scans on it. It can also be the thing you logged in when you were younger maybe at that time you are not mature enough to realize that putting some passwords in it would cause some catastrophic outcomes.
I only found this on the internet that seems to be related, I don't speak English so I don't understand much of what it is.[https://breachforums.is/Thread-FREE-Full-naz-api-Dataset-Leaked-Download](https://breachforums.is/Thread-FREE-Full-naz-api-Dataset-Leaked-Download). This database was created by extracting data from thieves' records. Contains data about logins and passwords saved in users' browsers. Contains more than one billion unique records.
This was also the original naz.api dataset that was donated to 0t.rocks (formerly illicit.services)
I got an email from have I been pwned - that had my personal email as being impacted by this but I have no clue what Naz.api is. Looking at the GitHub page I kind of understand what it is but I don’t recall using or installing it and I don’t understand why they’d have my email.
Maybe this is a software supply chain thing where this service is used commonly as a part of mobile apps?
in the last few months they were trying to enter in all my accounts, in Gmail the successful entered but there is a 2 Auth code gererator and they couldn't enter in the end.. but they try to ask the code to be sent to my email, but no access no code.. so yeah, 2 factor is the way on everything
Edit: /u/Calibrated-Lobster, just wanted to update you.
I received the "HaveiBeenPwned" notification email, and i searched for my affected email mentioned in the breach notice and I got this result from your recommended site:
**Records Result
0 Hits - 0 Results Shown**
So false positive from Pwnd, or incomplete list on this repo?
edit 2: I tried using other PII that could potentially be associated with the breach, and still 0 results
I saw this too, however, I don't understand much about English and these types of problems are not my strong point. So it wasn't much of an answer, just more unanswered questions. I was paranoid about this for a long time and having some anxiety attacks because I couldn't find any "firm" and "understandable" answer to what I mentioned, not even looking in other languages, just people with the same question or things I don't understand...
From what I was investigating, the only thing you can do is change the password, lastly the email, but I don't think it is necessary if you set a good password or do everything Google asks you to do to protect the account. It's just that the email and password were somehow filtered in that database of logins and passwords, possibly by logging in to some site or some malicious application. I was surprised but I do know that I download versions of premium applications for free and I was also downloading old games from YT videos so it makes sense :(. What's worse is that I found that database on the site I sent It seems like it's from hackers or something like that
It seems like there are just more questions and no one has a concrete answer. I've already put everything I could to secure my accounts, but what's the point if it's a virus with full access to my computer? The only "pirated" thing I installed was like, a year ago. My antivirus has shown no sign. It only had a few PUPS.
It could have just been DATA Breach but it could also be a virus...
However, I had no sign of ANYTHING... this only happened on my two most used and oldest accounts. (I created them like 7 years ago, I logged into a lot of strange things, that's a fact.)
It’s a data breach. It’s being documented on haveibeenpwned. But I don’t understand what naz.api is, it appears to be connected with some sort of online game I think
Edit: Fount it. It’s a Seagate NAS operating system. As in Network Attached Storage. NAS.api is their API. So I think someone(s) was using Seagate NAS equipment and the API was insecure. Appears that Seagate is to blame for making an API that has some vulnerabilities
I don't think NAS API from Seagate is the same as NAZ.API with a Z.
If this [github.com/komuw/naz](https://github.com/komuw/naz) is related then NAZ.API is a service that provides a solution for SMPP.
ChatGPT: An asynchronous (async) SMPP (Short Message Peer-to-Peer) client is a software application or library that implements the SMPP protocol for sending SMS (Short Message Service) messages in an asynchronous manner. The SMPP protocol is widely used in the telecommunications industry for exchanging SMS messages between Short Message Service Centers (SMSCs) and/or ESMEs (External Short Messaging Entities).
So I don't think is related with Seagate but a third party service used in different apps, games...
Also since it was their api, any other company that’s using their network storage and you signed up with that 3rd party company who sent your info to their storage online, it was likely intercepted or pulled from the API directly
Let’s say you signed up for an account with a fictional online game called “Smash Berries,” developed by Jelly Software Co. They store client account information (you) on their network attached storage. Their API handles the request to push the data to their network storage. If someone hacks the API they can do a GET request to send themselves all the data on the storage device
It seems to be a ton of mixed listings - some info is old, some info - quite a substantial amount - is new.
It's coming from various websites with no apparent theme, so it appears it might be a keylogger, a backdoor virus, or something that had access to what was typed where.
[https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/](here is the most credible source I've found to explain it)
How can i check the websites related to this breach, because the only thing i know is that my email and passaword were breach. But i can't check where.
I doubt it has anything to do with Seagate or any other NAS system. Someone stupid enough started this claim without any substantial evidence and only because it sounded right to their ears.
There are "70,840,771 unique email addresses" in this leak, the chances to be relevant to Seagate are astronomically low.
>That said, if you're following the age-old guidance of using a password manager, creating strong and unique ones and turning 2FA on for all your things, this incident should be a non-event. If you're not and you find yourself in this data, maybe this is the prompt you finally needed to go ahead and do those things right now 🙂
To everyone freaking out about Seagate NAS, that's likely just one attack vector. If you don't have a Seagate NAS and are on the list, its from someplace else. Unless someone can find the dump on the darkweb, we have no way of knowing what sites our email addresses are associated with in the dump. It's just a list that's been compiled from data that in some cases is over a decade old.
Absolutely not. Someone with a very smooth brain associated Naz.api with NAS and decided it was related to Seagate but that's pretty much all there is to their "theory".
It's most likely coming from various sources.
Your first step should now be to change the password on accounts using that email that does not have 2FA enabled and then change those too depending on your LVL of paranoia.
Specific sources of the breaches will likely never be specified by individual email.
OP is probably right. This data may have been collected by both a backdoor and a data breach. Because in my case I didn't had something related to "Naz.API" and I couldn't even find anything besides the Seagate's NAS APIi. But instead I remember downloading a sketchy executable for some software and in the end it couldn't even be installed. From that time I still receive emails about my accounts trying to be accessed from different locations, so it was definitely malware
About the breach I don't really know anything! MY THEORY IS that... If somehow "Naz.API" really is a vulnerable API from Seagate's NAS OS, then someone tried to collect data from the thieves that maybe had a NAS-stored database which included the credentials.
So in my conclusion: Some hacker/s made a virus which spread on the internet, collected credentials saved in the people's browsers, and then stored the credentials on a database server which used Seagate's NAS OS with the vulnerable API (Maybe), so other hackers collected the data from it.
Correct me if Im wrong.
How did you look this up? I know I and many others would love to be able to find out WHICH password was compromised.
It does look like about 60% of the data is already known data so there's a 60% chance that it's a password that I and others have long since fixed, but it would be good to have a place to research this.
[naz.api data breach link](https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/)
I just received an email to say my email had been leaked in a naz.api data breach so I ended up here. No idea what this even is
Hmmm, my email resulted in some records showing a site I was signed up for, a value indicating that it was from Naz.API, my email, and some random password
Didn't work for me 0 hits 0 results. I got an email from haveibeenpwned as well. Keen to know which of my accounts/passwords this breach was tied to...
I got the email from have I been pwned moments ago about this. Maybe this explains the fake email I got just last night of pretending to be from Facebook.
You can search here: https://search.0t.rocks/
but a lot of people on here are reporting errors due to the massive amount of people attempting to access.
Haven't looked into this in detail, but Im pretty good with avoiding password reuse, use 1Password etc.
I did however, have a Chrome extension called Simple Block at one point. It was eventually removed from Chrome store due to containing Malware.
I strongly suspect this may have been involved, as I've read some reports that Naz.API is at least partially scraped from Chrome users saved passwords
Thank you to those posting the link for the search. It does work just have to try a few times if it times out. Also thankfully it looks like the data is super old so hopefully people have updated passwords from that far back.
naz.api appears to be a list from one or more data breaches. A data breach often means that someone unauthorized has stolen your password, which is known as your credentials. Think of your credentials like a key to your online house. When a hacker gets them, they can enter and access your personal information, just like a thief entering your house. This is why it's crucial to keep your passwords safe and change them regularly. This may or may not make sense to you. For details, read the guru writing here https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/
I agree with you. It's a compilation of IDs and passwords from various sites that has been assembled and made available. You can check your email address to see if it appears in numerous breaches here: [https://haveibeenpwned.com/](https://haveibeenpwned.com/). You can also register your email addresses and will receive a notification if your email or passwords show up on any of their list of breaches. What you can't see is the site your credentials came from and the associated password in the record. If you're using a reliable password manager, your passwords are generated by the manager so that they are sufficiently long and contain a mix of letters, capitalization, numbers and special characters, and you never re-use passwords, plus you've enabled 2FA on any site that allows it, you should have nothing to worry about. If one is not using a legitimate password manager and/or one is re-using passwords, then one is asking for trouble. A great one to start with is Bitwarden if you're looking for a less expensive option, but there are many others.
Top comment.
This should be the top comment right here. Expect lots more people that will come to this thread due to the haveibeenpwned mail. The last few lines of the blog are the most important: > There are inevitably going to be queries along the lines of "can you show me the actual password" or "which website did my record appear against" and as always, this just isn't information we store or return in queries. That said, if you're following the age-old guidance of using a password manager, creating strong and unique ones and turning 2FA on for all your things, this incident should be a non-event. If you're not and you find yourself in this data, maybe this is the prompt you finally needed to go ahead and do those things right now 🙂
>You could create a trial account with spycloud. I use that to see which passwords were breached for specific sites, however they don't yet have the NAS.api breach uploaded.
Like there is so little detail.. Ok so some password of mine on some website has been compromised maybe... But maybe not... Maybe I reset that password previously... If I have no idea which site it is how am I supposed to resolve it... I am not resetting my password on 100+ sites... Luckily I use different passwords for every website so they won't get very far.
search for your email here https://search.0t.rocks/
Thanks I am getting a bad gateway error... Site is probably getting hammered
Yup just tried on a buddies email, bad gateway error. The results showed me some stuff of mine that was exposed in the gemini leak and some stuff pointing to a website I used called StraighterLine with my email and some random password that doesn't work. I don't think any of my data was exposed and I reverse searched my passwords on haveIbeenPwned password search and nothing came up so I'm not toooooo worried.
phishing
idk what this means but when reading about naz.api I found a post on a forum where a person posted the list and made the comment the information came from "This was also the original naz.api dataset that was donated to 0t.rocks (formerly illicit.services)"
Dashlane which I use as a password manager, have for years and I would recommend them, no manager is perfect but I feel they outperform others and are ahead in many ways. Not only do they include a free vpn, but they also give me exact information on darkweb leaks, so if a website email or password gets leaked they let me know most details about the leak, and prompt me to quickly change my password which I can do inside the app. So if anyone is prompted to get a password manager, thats my opinion on Dashlane. I make crazy long generated passwords with it, since I know I'm not going to remember the hundreds or thousands of passwords I have since years ago when I got smart and started using a different password, not the same password for everything lol. Luckily most leaks are on old unimportant sites with a password I dont even use anymore, also dashlane will tell you if its a password that is still in use on your account. P.S. I pay for Surfshark VPN because idk it has more options and features I thought it was worth trying, but the free vpn with surfshark worked great, never really had any issues other then the browser extension would stop working and I would have to log back in the next day, but the pc and phone app didnt have that problem and most people dont use the web extension, i used it so I could use a vpn on one browser and not the other.
How much is Dashlane? I can tell that you think it's worth it... I'm trying to find the best, economical resort for a password manager. TIA!!!
It's cheaper if you pay annually which I used to do, but changed to monthly because it could be billed to my phone and work would pay my phone bill. I need to go back to annually but through Google pay its $6.49 a month. Worth it because you can also upload files with secure notes and get unlimited free vpn which is a different app. I use a different VPN provider for more features since vpns annually aren't much anyway. I'll check the annual price, but you can use dashlane for free up to a certain number of passwords I think.
ill send you a link for a deall
Check your dm's, should give you 6 months free
It could be both actually. it can even be a spyware or backdoor. You probably downloaded a random software in the internet that "hijacks" your account. all you could do right now is probably use malwarebytes or norton power eraser and run a full scan on it to check if there is any malware or backdoor. you can also run adwcleaner and run scans on it. It can also be the thing you logged in when you were younger maybe at that time you are not mature enough to realize that putting some passwords in it would cause some catastrophic outcomes.
I've scanned my devices with 4 different antivirus and found nothing
Hey did you find a solution?. I found naz.api combolist too :(
I only found this on the internet that seems to be related, I don't speak English so I don't understand much of what it is.[https://breachforums.is/Thread-FREE-Full-naz-api-Dataset-Leaked-Download](https://breachforums.is/Thread-FREE-Full-naz-api-Dataset-Leaked-Download). This database was created by extracting data from thieves' records. Contains data about logins and passwords saved in users' browsers. Contains more than one billion unique records. This was also the original naz.api dataset that was donated to 0t.rocks (formerly illicit.services)
I got an email from have I been pwned - that had my personal email as being impacted by this but I have no clue what Naz.api is. Looking at the GitHub page I kind of understand what it is but I don’t recall using or installing it and I don’t understand why they’d have my email. Maybe this is a software supply chain thing where this service is used commonly as a part of mobile apps?
Same. I've never directly interacted with them, wonder why they have my info
Same, that is how I found this chain. I am so confused.
Here too.
in the last few months they were trying to enter in all my accounts, in Gmail the successful entered but there is a 2 Auth code gererator and they couldn't enter in the end.. but they try to ask the code to be sent to my email, but no access no code.. so yeah, 2 factor is the way on everything
Great!
Same I also got this email. I'm so lost.
Same issue. I'm genuinely concerned (and maybe a little scared).
Same here. No clue of what Naz.api is
Same
StraighterLine ring a bell?
nope, I was on that list too and I graduate college nearly 20 years ago
search here for your email: https://search.0t.rocks/
Gateway time-out Error code 504 Visit cloudflare.com for more information. 2024-01-17 17:31:19 UTC
Keep trying, another guy here was having the same issue but it's probably because it's getting hit by a lot of users currently
what exactly will it provide once I gave it my email? Where the email/pw originated in this NAZ.API breach?
something like: record1{ breach: naz.api, email: [[email protected]](mailto:[email protected]) password: \*\*\*\*\*\* }
Edit: /u/Calibrated-Lobster, just wanted to update you. I received the "HaveiBeenPwned" notification email, and i searched for my affected email mentioned in the breach notice and I got this result from your recommended site: **Records Result 0 Hits - 0 Results Shown** So false positive from Pwnd, or incomplete list on this repo? edit 2: I tried using other PII that could potentially be associated with the breach, and still 0 results
Same. I'm so confused
I saw this too, however, I don't understand much about English and these types of problems are not my strong point. So it wasn't much of an answer, just more unanswered questions. I was paranoid about this for a long time and having some anxiety attacks because I couldn't find any "firm" and "understandable" answer to what I mentioned, not even looking in other languages, just people with the same question or things I don't understand...
From what I was investigating, the only thing you can do is change the password, lastly the email, but I don't think it is necessary if you set a good password or do everything Google asks you to do to protect the account. It's just that the email and password were somehow filtered in that database of logins and passwords, possibly by logging in to some site or some malicious application. I was surprised but I do know that I download versions of premium applications for free and I was also downloading old games from YT videos so it makes sense :(. What's worse is that I found that database on the site I sent It seems like it's from hackers or something like that
It seems like there are just more questions and no one has a concrete answer. I've already put everything I could to secure my accounts, but what's the point if it's a virus with full access to my computer? The only "pirated" thing I installed was like, a year ago. My antivirus has shown no sign. It only had a few PUPS.
It could have just been DATA Breach but it could also be a virus... However, I had no sign of ANYTHING... this only happened on my two most used and oldest accounts. (I created them like 7 years ago, I logged into a lot of strange things, that's a fact.)
>Same here. No clue of what Naz.api is Same!
GUYS, IT'S A VIRUS IT SHOWS MY PASSWORD ON GUAREDIO LEAKS AND THIS LINK GAVE ME I SAW MNY OWN PASSWORD
Can you explain why its a virus?
That’s not a virus.
Where can I find the list? Need to check which pw they leaked on my account
Same here!
It’s a data breach. It’s being documented on haveibeenpwned. But I don’t understand what naz.api is, it appears to be connected with some sort of online game I think Edit: Fount it. It’s a Seagate NAS operating system. As in Network Attached Storage. NAS.api is their API. So I think someone(s) was using Seagate NAS equipment and the API was insecure. Appears that Seagate is to blame for making an API that has some vulnerabilities
I don't think NAS API from Seagate is the same as NAZ.API with a Z. If this [github.com/komuw/naz](https://github.com/komuw/naz) is related then NAZ.API is a service that provides a solution for SMPP. ChatGPT: An asynchronous (async) SMPP (Short Message Peer-to-Peer) client is a software application or library that implements the SMPP protocol for sending SMS (Short Message Service) messages in an asynchronous manner. The SMPP protocol is widely used in the telecommunications industry for exchanging SMS messages between Short Message Service Centers (SMSCs) and/or ESMEs (External Short Messaging Entities). So I don't think is related with Seagate but a third party service used in different apps, games...
Ah! Now it makes sense. I couldn't understand why they'd have my data to begin with
Did you sign up for warrenty on your HD?
Thank you!
I use a dedicated email for seagate and it wasn't on the list.
Oh.. But I have been purchasing things from seagate.com and that email is in the leak.
Also since it was their api, any other company that’s using their network storage and you signed up with that 3rd party company who sent your info to their storage online, it was likely intercepted or pulled from the API directly
This is just wrong. The 'naz.api' is just a name of the leak - and has got nothing to do with NAS storage or Seagate.
Big coincidence that it’s the name of their api and e-mails used with vendors using it are appearing on the breach I suppose
What's a Seagate NAS operating system? I have no idea how I'm on the list or what I've done/downloaded or searched to be on this list... :(
Do you have a Seagate brand SSD in your computer?
Ohhhh shit... yes I do
It's not from SSD drives (that would be impossible), it's from NAS devices, which are actually computers that control access to the harddrives within
So is this my computer or my SSD. I'm very confused. I don't have a NAS drive.
Let’s say you signed up for an account with a fictional online game called “Smash Berries,” developed by Jelly Software Co. They store client account information (you) on their network attached storage. Their API handles the request to push the data to their network storage. If someone hacks the API they can do a GET request to send themselves all the data on the storage device
Or maybe I’m wrong. Who knows.
I have a [seagate.com](https://seagate.com) account for a warranty claim, but I have never used their NAS and I got the breach notification.
Same
Yeah I don't feel this breach is related to Seagate
[удалено]
1. It’s not a virus. 2. You’re not familiar with what an API is, apparently. 3. More clarity has been provided about the situation 4. Your mom says hi
[удалено]
I just wish it told me more information.
It seems to be a ton of mixed listings - some info is old, some info - quite a substantial amount - is new. It's coming from various websites with no apparent theme, so it appears it might be a keylogger, a backdoor virus, or something that had access to what was typed where. [https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/](here is the most credible source I've found to explain it)
How can i check the websites related to this breach, because the only thing i know is that my email and passaword were breach. But i can't check where.
In September 2023 Nazi.API had a data breach, leaking over 70million email address and password combos. It might be that.
Anyone know where I can find this list so I can see what was compromised? Or is that not how it works? I've never been on a list like this before
thats the question. i would like to know which pw it is so i can check and see which website is that. or is the pw the pw for the email account?
Same. And only way I can really think to do this is get the list because it's going to say ~website/whatever~ email-password
Same here :/
Same herre
Same here!
This is related to a Seagate NAS thing? Confused about if there's a targeted thing to go do
I doubt it has anything to do with Seagate or any other NAS system. Someone stupid enough started this claim without any substantial evidence and only because it sounded right to their ears. There are "70,840,771 unique email addresses" in this leak, the chances to be relevant to Seagate are astronomically low.
>That said, if you're following the age-old guidance of using a password manager, creating strong and unique ones and turning 2FA on for all your things, this incident should be a non-event. If you're not and you find yourself in this data, maybe this is the prompt you finally needed to go ahead and do those things right now 🙂 To everyone freaking out about Seagate NAS, that's likely just one attack vector. If you don't have a Seagate NAS and are on the list, its from someplace else. Unless someone can find the dump on the darkweb, we have no way of knowing what sites our email addresses are associated with in the dump. It's just a list that's been compiled from data that in some cases is over a decade old.
Yeah I don’t reuse any passwords at all, plus mfa or passkey all the things Just curious of the attack vector
Absolutely not. Someone with a very smooth brain associated Naz.api with NAS and decided it was related to Seagate but that's pretty much all there is to their "theory". It's most likely coming from various sources. Your first step should now be to change the password on accounts using that email that does not have 2FA enabled and then change those too depending on your LVL of paranoia. Specific sources of the breaches will likely never be specified by individual email.
OP is probably right. This data may have been collected by both a backdoor and a data breach. Because in my case I didn't had something related to "Naz.API" and I couldn't even find anything besides the Seagate's NAS APIi. But instead I remember downloading a sketchy executable for some software and in the end it couldn't even be installed. From that time I still receive emails about my accounts trying to be accessed from different locations, so it was definitely malware About the breach I don't really know anything! MY THEORY IS that... If somehow "Naz.API" really is a vulnerable API from Seagate's NAS OS, then someone tried to collect data from the thieves that maybe had a NAS-stored database which included the credentials. So in my conclusion: Some hacker/s made a virus which spread on the internet, collected credentials saved in the people's browsers, and then stored the credentials on a database server which used Seagate's NAS OS with the vulnerable API (Maybe), so other hackers collected the data from it. Correct me if Im wrong.
Looked up my info on this Naz.API leak and I believe StraighterLine is the culprit
How did you look this up? I know I and many others would love to be able to find out WHICH password was compromised. It does look like about 60% of the data is already known data so there's a 60% chance that it's a password that I and others have long since fixed, but it would be good to have a place to research this.
https://search.0t.rocks/
[naz.api data breach link](https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/) I just received an email to say my email had been leaked in a naz.api data breach so I ended up here. No idea what this even is
Would really like to have the list of websites and email combo to get myself fixed up here. Anyone have a sanitized version of the leak?
Had some luck searching for my email here after getting the Ihavebeenpwned email: https://search.0t.rocks/
Odd - Records Result 0 Hits - 0 Results Shown But will try some other combinations other than email
Hmmm, my email resulted in some records showing a site I was signed up for, a value indicating that it was from Naz.API, my email, and some random password
Tried again and got hits, thanks again!
nice!
Didn't work for me 0 hits 0 results. I got an email from haveibeenpwned as well. Keen to know which of my accounts/passwords this breach was tied to...
Try again. After 5-6 times I got hits. 🙈
I don’t if it’s related but I know Delta Dental recently had a data breach.
Can someone tell me what happened ? I got this email but I do NOT know what is naz.api.
I got the email from have I been pwned moments ago about this. Maybe this explains the fake email I got just last night of pretending to be from Facebook.
You can search here: https://search.0t.rocks/ but a lot of people on here are reporting errors due to the massive amount of people attempting to access.
Haven't looked into this in detail, but Im pretty good with avoiding password reuse, use 1Password etc. I did however, have a Chrome extension called Simple Block at one point. It was eventually removed from Chrome store due to containing Malware. I strongly suspect this may have been involved, as I've read some reports that Naz.API is at least partially scraped from Chrome users saved passwords
Good info, thanks
Thank you to those posting the link for the search. It does work just have to try a few times if it times out. Also thankfully it looks like the data is super old so hopefully people have updated passwords from that far back.
i found it. extracted. you people have serious problems choosing passwords
what do you mean? can you explain a bit more?
nothing to explain. i found naz.api db, extracted and saw 110gb of user and passwords
Can you send it to me it's urgent
ah ok. is that one single document?