More than 8 million passwords have been stolen from German gaming website Gamigo and published online more than four months after hackers broke into the network.
The hashed passwords were dumped on crypto-cracking forum InsidePro, the same site where users last month posted a cache of some 6.5 million LinkedIn user logins.
A user appeared to have defeated the one-way hash and claimed to have decrypted 94 percent of passwords.
Data breach monitoring service PwnedList tipped off Forbes to the stolen cache and discovered it contained a whopping 8.2 million unique email addresses.
Three million of the addresses came from the US, 2.4 million from Germany, and 1.3 million from France.
The breach was the largest of any on the public record this year.
The encrypted password cache 'all.txt' was removed from the file-sharing web site to which it was uploaded.
Gamingo has been contacted for comment.