Data Leak Exposes 149M Logins, Including Gmail, Facebook

https://news.ycombinator.com/rss Hits: 3
Summary

Image: GoldenDayz/Envato

Jeremiah Fowler, a veteran security researcher, recently stumbled upon 149,404,754 unique logins and passwords, totaling about 96GB of raw data. There was no encryption… and it didn’t even have a password. Sharing his findings with ExpressVPN, Fowler noted, “The publicly exposed database was not password-protected or encrypted.”

The collection was so large and detailed that it wasn’t just a list of names; it included emails, usernames, passwords, and the specific website links needed to log into the accounts.

[Figure: The total count of records and the size of the exposed infostealer database. Credit: ExpressVPN/Jeremiah Fowler.]

The scale of this exposure covers almost every corner of the internet. While consumer accounts like Gmail and Facebook make up the largest chunk, the database also contained sensitive logins for cryptocurrency exchanges and even dating sites.

| Platform | Estimated Compromised Accounts |
| --- | --- |
| Gmail | 48 Million |
| Facebook | 17 Million |
| Instagram | 6.5 Million |
| Yahoo | 4 Million |
| Netflix | 3.4 Million |
| Outlook | 1.5 Million |
| .edu | 1.4 million |
| iCloud | 900,000 |
| TikTok | 780,000 |
| Binance | 420,000 |
| OnlyFans | 100,000 |

[Figure: Screenshot of compromised .gov, .facebook.com, and a WordPress administrative login account. Credit: ExpressVPN/Jeremiah Fowler.]

Perhaps most alarmingly, the cache also contained credentials linked to .gov domains from multiple countries. While not every government account leads to sensitive systems, their presence raises serious flags. “Exposed government credentials could be potentially used for targeted spear-phishing, impersonation, or as an entry point into government networks,” Fowler noted.

How the data was likely collected

So, where did this mountain of data come from? The evidence points to “infostealer” malware. This is a type of malicious software that, once installed on a victim’s device, silently records every keystroke, including usernames and passwords, and sends it back to a hacker’s server.
The database’s technical setup was classic for this kind of op...

First seen: 2026-01-25 20:55

Last seen: 2026-01-25 22:55