Combo List
A compiled file of username/email and password pairs aggregated from multiple data breaches.
Full Definition
A combo list (short for "combination list") is a file containing large collections of username-password or email-password pairs aggregated from multiple data breaches and credential leaks. These lists are widely distributed on dark web forums and used as the fuel for credential stuffing attacks.\n\nCombo lists vary in quality and specificity — some are raw dumps from individual breaches, while others are curated and deduplicated compilations of millions of valid credentials from dozens of sources. Premium combo lists may be targeted by service type (e.g., "PayPal combo," "Netflix combo") to maximize success rates.\n\nA single mega combo list can contain billions of entries, making manual review impossible. Organizations use threat intelligence platforms to continuously check whether their users' credentials appear in circulating combo lists, enabling proactive password reset campaigns.
Related Terms
Credential Stuffing
Automated injection of stolen username/password pairs to gain unauthorized access to accounts.
Attack TypesData Breach
A security incident in which protected or confidential data is accessed, stolen, or disclosed without authorization.
Data & LeaksStealer Log
A structured package of data harvested by infostealer malware from a single infected device.
Data & LeaksDark Web
Encrypted, anonymized parts of the internet accessible only via specialized tools like Tor, used by both privacy advocates and cybercriminals.
Security ConceptsMonitor Your Exposure on Whiteintel
Understanding threats is the first step. Whiteintel continuously monitors dark web sources, stealer logs, and breach databases so you know the moment your organization's data is at risk.