The number stolen in the first four months of 2012 is said to outstrip the number sold in the whole of 2010 when some 9.5 million pieces of purloined personal information were traded in online forums frequented by cyber-crooks.
In the first four months of 2012, CreditExpertis reporting that more than 12 million pieces of personal information about British online users were traded.
Data for other global regions are not immediately available.
CreditExpert pointed to proliferating online accounts – with many users now having dozens of accounts – as fuel for the explosion in online credential sales.
Asked for comment, Steve Santorelli, a cyber fraud expert with security researchers Team Cymru, said he was not aware of any recent surge in credential sales – “it’s always busy.”
He added that the release of the theft data might simply be viewed as “good marketing” by CreditExpert which is in the business of selling credential protection services.
Skepticism aside, continued reporting of log-in data breaches – at Yahoo, LinkedIn and many more – has contributed to raising awareness among Internet users for better online hygiene, protection of security credentials ranking high on that list, said the experts.