nostr:npub18c7wjmr8txk9u3xzrxl5rsx8mpt4dr84nyluufn4qg4x9xnar52qller9d 
Wait wait wait and WHAT!

7 million customer datasets breached by credential stuffing 30 million users?
This sounds off to me (actually rather like bullshit). I agree that too many people reuse passwords, but I doubt that ~25% of the users reuse passwords and their passwords are known from other breaches.

This rather sounds like credential stuffing of a privileged account. This would also explain how it was possible to target specific ethnic groups