620 million records from 16 websites listed for sale on the Dark Web

The hacker said that they typically extracted the credentials by exploiting security vulnerabilities within web apps to pull off remote code execution.