← All datasets

LinkSort Stealer Log Compilation #26

Jul 7, 2026

999,891
Records
1
Files
Jul 7, 2026
Added

A stealer log compilation labeled 'LinkSort #26' containing credential pairs in URL:username:password format. Data spans hundreds of websites including Google, Facebook, Discord, Netflix, Apple, Roblox, and many others. This is not a single-target breach but rather a compiled credential dump sourced from infostealer malware logs, sorted and packaged as a numbered series ('LinkSort'). Contains plaintext passwords and usernames/emails for victims across multiple countries.

Data found in this dataset

Usernameskip

Search this dataset

Scoped to this dataset. Fill any combination — results match if any field hits.

Source files

Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.

LinkSort_26.txt
3 columns999,891 rows

File structure

Source columnMapped fieldConfidenceLLM assessment
0skiphighcontains URLs, app identifiers, IP addresses, and other non-PII identifiers
1usernamehighcontains potential usernames, emails, phone numbers, and other identifiers used for authentication
2passwordhighcontains password hashes, plaintext passwords, and other credential strings

Notes: This is a compiled infostealer log dataset ('LinkSort #26') containing credential pairs from hundreds of websites including Google, Facebook, Discord, Netflix, Apple, Roblox, etc. The first field often contains URLs, app package names, IP addresses, or other identifiers rather than PII. The second field maps to potential usernames, emails, phone numbers, or other account identifiers. The third field maps to passwords or password hashes.