A malware-sourced credential dataset containing 56 million unique email addresses and 124 million unique passwords has been added to Have I Been Pwned’s breach and password databases.

According to NS3.AI, the newly added records come from malware and have been incorporated into both the service’s breach database and its password database.

The update reflects the inclusion of the dataset’s email and password records into Have I Been Pwned’s searchable repositories.