A cybersecurity company said Tuesday it has obtained a list of 360 million account credentials for Web services, likely collected through multiple data breaches.