A new variant of the Elance breach archive is being shared on BreachForums. Elance was the early freelance-work marketplace that eventually merged into what became Upwork, and this version of the archive is larger than the copy that has been in circulation for years.
The file pairs roughly 2.6 million accounts with usernames, SHA-1 password hashes, email addresses, first and last names, mailing addresses, phone numbers, and account-status flags. A separate VIP file inside the archive carries admin accounts and a smaller subset where the cracker who packaged the dump has appended plaintext passwords next to the original hash.
Why a 17-year-old breach still has legs
Elance's userbase covered a generation of independent designers, developers, writers, and marketers who built their early professional identities through the platform. Many of those people still use the same email address for client invoicing today, which makes the Elance leak a useful index for finding the personal contact details of working professionals. The SHA-1 hashes are weak by current standards and a respectable share of them have been cracked into plaintext by the time the file gets repackaged like this.
If you ever held an Elance account and that email is still active, treat it as a lookup key in the wild and assume any password you used on the platform is recoverable.