According to TechRadar , a huge email and password leak has been quietly taking place on the dark web for the past four months, but the cybersecurity community has only just discovered it.

Accordingly, the data leak checking service "Have I Been Pwned?" (HIBP) recently added a new database containing about 71 million email addresses to its platform. Now, people can easily check if their email is on this list or not and from which service it was leaked.

Just visit the HIBP website at www.haveibeenpwned.com and enter your email. If the email appears as “Naz.API,” it means you’ve likely been infected with password-stealing malware in the past. While it can’t pinpoint exactly which services were affected by the password leak, it does warn of some popular services that may have been affected, including Facebook, Yahoo, Roblox, eBay, and more.

What's worrying is that a third of these 71 million emails are completely new, never seen in previous leaks, showing the severity of the incident and the risk of attack for users.

If you discover that your email has been leaked on the service, immediately take the following actions:

• Change your passwords immediately for all services you use, especially those warned by HIBP.
• Enable two-factor authentication (2FA) on all important accounts.
• Be careful when opening emails from unknown senders, especially those that contain links or attachments.
• Install reliable anti-virus and anti-malware software on your computer.
• Keep your operating system and applications up to date with the latest security patches.