Highlights

• Over 184 million login credentials were leaked online from major platforms like Google, Apple, Facebook, and banking services.
• The breach was linked to infostealer malware, which harvests data from infected systems including browser autofill information, emails and saved documents.
• Cybersecurity experts warn of rising data leaks.

Caption – Cybersecurity researcher Jeremiah Fowler uncovered a major data breach. (Photo by GuerrillaBuzz on Unsplash)

A massive data leak has exposed more than 184 million login credentials including sensitive usernames and passwords from major platforms like Google, Apple, Facebook and even banking and government services.

The leak was discovered by cybersecurity researcher Jeremiah Fowler, who found the database open and unprotected, according to Website Planet.

Fowler revealed that the unencrypted and publicly accessible database held exactly 184,162,718 unique usernames and passwords. The leaked data is tied to popular services like Google, Microsoft, Facebook, Instagram, Snapchat and even Roblox. Shockingly, the database also included login details for bank accounts, healthcare portals and government websites.

The database has since been taken offline.

What’s even more alarming is how this data was collected. Fowler says the credentials appear to have come from a type of malware known as an infostealer. He describes it as “malicious software designed specifically to harvest sensitive information from an infected system.”

Infostealer malware can pull data from web browsers like autofill information and cookies as well as emails, saved documents, and even messages. All it takes is for someone to unknowingly download the malware.

Unfortunately, these kinds of leaks are becoming more common. Last year, the RockYou2024 breach exposed nearly 10 billion credentials, making it the largest password leak to date. Cybercriminals often use these massive datasets to carry out automated brute force attacks, trying various combinations to gain access to accounts.

If you’re concerned, now’s a good time to update your passwords and enable two-factor authentication.

Here’s How to Stay Safe –

• Use strong passwords
• Do not reuse the same passwords in different accounts.
• Update your passwords regularly.
• Enable two-factor or multi-factor authentication
• Monitor your accounts regularly for any suspicious activity
• Schedule auto-antivirus scans at regular intervals
• Keep an eye out for phishing attempts
• Never click on links, QR codes or attachments from unknown senders.
• Clear out old emails with sensitive personal information

FAQs

Q1. What platforms were affected by the massive credential leak?

Answer. The leak exposed 184 million login credentials from major services like Google, Apple, Facebook, Microsoft, Instagram, Snapchat, and even banking and government sites.

Q2. How was the leaked data collected?

Answer. The credentials appear to have been harvested by infostealer malware, which extracts sensitive information from infected systems, including browser autofill data and saved documents.

Q3. What should users do to protect themselves?

Answer. Cybersecurity experts recommend updating passwords, enabling two-factor authentication, and staying vigilant against malware to prevent unauthorised access.

Also Read: NVIDIA Hackers Targeted Samsung: 19GB Confidential Data Leaked

Also Read: LinkedIn Now Latest Victim: Threat Actors Leak Massive User Data