Mr. Hunt, who works as a regional director for Microsoft got the data from popular anonymous file sharing service MEGA and its origins, according to him, point to a popular hacker forum where the set of files is distributed openly among the hackers. Dataset in question is 87 gigabytes in size and has more than 12'000 files in it. He details the project in his own blog.
To help to indetify whether youre account has been breached, he has put together a website for anyone to test it:
Have I been Pwned?
Entering your email address there wont gather any data, but will simply tell you whether your account is one of those that have been including with this massive data collection - or not.
If your email address shows that you are in the list, it is highly recommended to change your passwords immediately across all business critical services. We recommend using password manager, something like LastPass, and to let it randomize you a different password for each service.
Has anyone done this? I always get nervous that this is a way to get more information from people.