A researcher known as Benkow, based in Paris, has discovered a list of 711 million email addresses, servers and passwords on a Web server in the Netherlands, all used to send spam.
The list was analysed by Troy Hunt who runs a service known as Have I been pwned? where one can check whether one's email address has been leaked.
Hunt did a detailed analysis of the email addresses, pointing out that until now the largest list he had found had contained 393 million records.
Benkow wrote that the addresses were being used by a spambot known as Onliner which was spreading malware.
{loadposition sam08}Hunt said he had found his own email address in two files on the site. Also present were about 43,000 rows associated with the Roads and Maritime Services in NSW.
He said the email address in question was used to send toll road account statements.
"The data in the dump has a bunch of junk prefixed to the address, junk which appears to be an HTML file name and may indicate the 'address' was scraped off the Web and the parsing simply wasn't done very well," Hunt wrote.
"The point here is that there's going to be a bunch of addresses here that simply aren't very well-formed so whilst the '711 million' headline is technically accurate, the number of real humans in the data is going to be somewhat less."
Plenty of passwords were also in the files on the server, Hunt said, adding that a random selection all traced back to the big leak from LinkedIn.
"...our email addresses are a simple commodity that's shared and traded with reckless abandon, used by unscrupulous parties to bombard us with everything from Viagra offers to promises of Nigerian prince wealth," Hunt commented. "That, unfortunately, is life on the Web today."