A cybersecurity researcher uncovered a massive breach that exposed 149 million login credentials, including accounts from Binance, Netflix, and multiple government agencies.
According to ExpressVPN, Jeremiah Fowler, a cybersecurity researcher, discovered a database with 149,404,754 unique login credentials totaling 96GB.
The database lacked encryption and password protection, allowing anyone to access millions of credentials, and Fowler reported the incident to ExpressVPN to draw attention to it.
Your Streaming Accounts May Be Compromised
The unsecured records encompassed numerous web-based services across the globe. The data was dominated by social media sites, of which Facebook alone contributed 17 million exposed credentials.
Instagram was adding 6.5 million compromised logins, TikTok 780,000, and Netflix took the lead among streaming platforms with 3.4 million stolen credentials.
Financial accounts had also been well represented: Binance reported 420 000 exposed logins, and OnlyFans presented 100 000 accounts.
Government Credentials Create National Security Concerns
Researchers were astounded by the government domain credentials. The email addresses of multiple countries in the .gov format were present in the dataset, which allowed potential spear-phishing.
Weakened government credentials have huge national-security implications: attackers may impersonate government officials or compromise secure networks, which are gateways to critical systems.
Email services: Gmail prevailed with 48 million exposed accounts, Yahoo with 4 million accounts, and institutions of learning with 1.4 million .edu domain breaches.
Database Remained Online for Weeks
The breach was originally reported by Fowler to the hosting provider. They first denied that they hosted the IP, but the constant complaints over almost a month finally led to action.
The provider blocked access after constant reporting. The number of records increased drastically during the exposure, but no one knows who owns the database.
Infostealer malware probably collected the credential dataset. The program silently gathers the login details of the infected computers, and the key-logging option intercepts the usernames, passwords, and web addresses.
Criminals value speed more than security. Poorly configured cloud servers often accidentally release stolen data, and once criminals find it, the datasets quickly move through criminal channels.
You might also like: White House Post Sends Solana Memecoin PENGUIN From $387K to $94M
Protecting Against Credential Theft
Antivirus software is the initial defense against malware, but only 66% of U.S. adults use it, which exposes millions of devices to infostealer attacks.
Two-factor authentication enhances account security. Password managers deter entry-level key-logging surveillance, whereas unique passwords between services reduce the harm of an attack.
Users should regularly review their logins and connected devices. Unsuccessful login attempts can indicate unauthorized access, so users must change their passwords using clean devices.
This breach highlights the scale of credential theft. Attackers keep improving their instruments; robust authentication and proper cyber hygiene are also important protective measures.
