I have an ip address that is specifically applying valid email addresses and attempting to login but failing because of incorrect passwords.
Usually a hacker just tries any and all email addresses, but this one is using only valid email addresses consistently.
How (and) can someone obtain a list of email addresses, but not have passwords, then try to hack each account one at a time? I understand there is a chance this person got someone's 'address book' but this is doubtful.