Large-Scale Data Exposure Discovered

Uploaded on 2025-05-23 in NEWS-Cybersecurity News, FREE TO VIEW

Cybersecurity researcher Jeremiah Fowler has identified a significant security lapse involving a non-password-protected database containing over 184 million credential records. Disclosed to Website Planet, the breach highlights a serious risk of data theft and misuse.

The database comprised 184 million records totalling approximately 47.4 GB of data. The contents included, emails, logins, passwords, and authorisation URLs.

The exposed data spanned various services, from popular social media platforms including Facebook, Instagram and Snapchat, to email providers, Microsoft products, bank and financial accounts, health platforms, and government portals.

How The Breach Occurred

The database was publicly accessible but lacked passwords or encryption, making it vulnerable. Its connection to two domain names went unnoticed:

One domain was inactive.

The other was unregistered and available for purchase.

The owner of the database remains unknown due to private Whois registration, and the hosting provider did not disclose customer details. Shortly after Fowler’s discovery, the database was restricted from public access.

Possible Malicious Origins: Infostealer Malware

Evidence pointed to the data being harvested via infostealer malware, a malicious program designed to steal sensitive information by:

Targeting credentials stored in browsers, email clients, messaging apps.

Capturing autofill data, cookies, crypto wallet information, even screenshots or keystrokes.

While the specific method of collection isn’t confirmed, criminals often use phishing emails, malicious websites or cracked software to deploy this malware. The stolen data is typically circulated on dark web marketplaces or and used for fraud, identity theft, or further cyberattacks.

Verifying Data Legitimacy

Fowler contacted multiple email addresses listed in the database, confirming several records as accurate and valid. Many individuals use their emails to store sensitive files like tax documents, medical records, contracts, and passwords, all posing significant privacy risks if accessed by criminals.

Risks Of Credential Exposure

The leaked credentials enable cybercriminals to:

Perform credential stuffing attacks by using automated scripts to test compromised email and password combinations across multiple sites.

Gain account control, especially on accounts without 2FA, leading to identity theft, financial fraud, and social engineering attacks.

Facilitate corporate espionage, as some credentials included business-related logins, risking insider attacks.

Target government or sensitive state accounts, some of which belonged to .gov”** domains.

Conduct phishing attacks using stolen email data, making scams more convincing.

Protecting Yourself from Similar Breaches

Fowler recommends several steps for users to safeguard their accounts:

Change passwords regularly, ideally annually.

Use unique, complex passwords** for each account to prevent widespread compromise.

Enable Two-Factor Authentication (2FA) wherever possible.

Check if your credentials have been exposed using services like Have I Been Pwned.

Monitor account activity for suspicious logins or actions.

Use reputable password managers to generate and store passwords securely.

Keep antivirus software updated** to detect malware and infostealers.

Be cautious with storing sensitive info in emails - consider encrypted cloud storage instead.

Legal & Ethical Considerations

Fowler emphasises that possessing or distributing stolen data can be illegal particularly with reference to the US Computer Fraud and Abuse Act (CFAA) and the EU GDPR regulations.

Fowler maintains his activities are purely educational and responsible only documenting findings to raise awareness and prompt organisations to improve security measures.

Conclusion

This incident underscores the ongoing risks posed by publicly accessible, unprotected databases and malware-driven data breaches. Users and organisations must remain vigilant by adopting strong security practices, regularly updating credentials, and monitoring account activity.

While the breach’s full scope remains uncertain, its discovery highlights the critical need for robust cybersecurity defences and the responsible handling of sensitive data to prevent exploitation by cybercriminals.

Website Planet |

Image: ar-chi

You Might Also Read:

Staying Ahead Of First-Party Fraud & Abuse:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.