Large-Scale Data Exposure Discovered

Uploaded on 2025-05-23 in NEWS-Cybersecurity News, FREE TO VIEW

Cybersecurity researcher Jeremiah Fowler has identified a significant security lapse involving a non-password-protected database containing over 184 million credential records. Disclosed to Website Planet, the breach highlights a serious risk of data theft and misuse.

The database comprised 184 million records totalling approximately 47.4 GB of data. The contents included, emails,  logins, passwords, and authorisation URLs.

The exposed data spanned various services, from popular social media platforms including Facebook, Instagram and  Snapchat, to email providers, Microsoft products, bank and financial accounts, health platforms, and government portals.

How The Breach Occurred

The database was publicly accessible but lacked passwords or encryption, making it vulnerable. Its connection to two domain names went unnoticed:

  • One domain was inactive.
  • The other was unregistered and available for purchase.

 The owner of the database remains unknown due to private Whois registration, and the hosting provider did not disclose customer details. Shortly after Fowler’s discovery, the database was restricted from public access.

Possible Malicious Origins: Infostealer Malware

Evidence pointed to the data being harvested via infostealer malware, a malicious program designed to steal sensitive information by:

  • Targeting credentials stored in browsers, email clients, messaging apps.
  • Capturing autofill data, cookies, crypto wallet information, even screenshots or keystrokes.

While the specific method of collection isn’t confirmed, criminals often use phishing emails, malicious websites or cracked software to deploy this malware. The stolen data is typically circulated on dark web marketplaces or  and used for fraud, identity theft, or further cyberattacks.

Verifying Data Legitimacy

Fowler contacted multiple email addresses listed in the database, confirming several records as accurate and valid. Many individuals use their emails to store sensitive files like tax documents, medical records, contracts, and passwords, all posing significant privacy risks if accessed by criminals.

Risks Of Credential Exposure

The leaked credentials enable cybercriminals to:

  • Perform credential stuffing attacks by using automated scripts to test compromised email and password combinations across multiple sites.
  • Gain account control, especially on accounts without 2FA, leading to identity theft, financial fraud, and social engineering attacks.
  • Facilitate corporate espionage, as some credentials included business-related logins, risking insider attacks.
  • Target government or sensitive state accounts, some of which belonged to .gov”** domains.
  • Conduct phishing attacks using stolen email data, making scams more convincing.

Protecting Yourself from Similar Breaches

Fowler recommends several steps for users to safeguard their accounts:

  • Change passwords regularly, ideally annually.
  • Use unique, complex passwords** for each account to prevent widespread compromise.
  • Enable Two-Factor Authentication (2FA) wherever possible.
  • Monitor account activity for suspicious logins or actions.
  • Use reputable password managers to generate and store passwords securely.
  • Keep antivirus software updated** to detect malware and infostealers.
  • Be cautious with storing sensitive info in emails - consider encrypted cloud storage instead.

Legal & Ethical Considerations

Fowler emphasises that possessing or distributing stolen data can be illegal particularly with reference to the US Computer Fraud and Abuse Act (CFAA) and  the EU GDPR regulations.

Fowler maintains his activities are purely educational and responsible only documenting findings to raise awareness and prompt organisations to improve security measures.

Conclusion

This incident underscores the ongoing risks posed by publicly accessible, unprotected databases and malware-driven data breaches. Users and organisations must remain vigilant by adopting strong security practices, regularly updating credentials, and monitoring account activity. 

While the breach’s full scope remains uncertain, its discovery highlights the critical need for robust cybersecurity defences and  the responsible handling of sensitive data to prevent exploitation by cybercriminals.

 Website Planet  | 

Image: ar-chi

You Might Also Read:

Staying Ahead Of First-Party Fraud & Abuse:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Pegasus Spyware Maker Fined
DORA - The Regulatory Awakening »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DCL Search & Select

DCL Search & Select

DCL Search & Selection connect candidates to the best companies in the IT Security, Telco, UC, Outsourcing, ERP, Audit & Control markets.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

Scientific Cyber Security Association (SCSA)

Scientific Cyber Security Association (SCSA)

The main goal of Scientific Cyber Security Association is the development of scientific and practical directions of cyber security.

Scanmeter

Scanmeter

Scanmeter helps identifying vulnerabilities in software and systems before they can be exploited by an attacker.

Learn How To Become

Learn How To Become

At LearnHowToBecome.org, our mission is to help any job-seeker understand what it takes to build and develop a career. We cover many specialist areas including cybersecurity.

Data Security Inc

Data Security Inc

Data Security, Inc. is the leading American manufacturer and supplier of hard drive degaussers, magnetic tape degaussers as well as hard drive and solid state destruction devices.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

BIO-key

BIO-key

BIO-key is a pioneer and innovator, we are recognized as a leading developer of fingerprint biometric authentication and security solutions.

Let's Encrypt

Let's Encrypt

Let’s Encrypt is a free, automated, and open digital certificate authority, run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

CliftonLarsonAllen (CLA)

CliftonLarsonAllen (CLA)

CLA exists to create opportunities for our clients through industry-focused advisory, outsourcing, audit, tax, and consulting services.

Lansweeper

Lansweeper

Lansweeper is an IT Asset Management platform provider helping businesses better understand, manage and protect their IT devices and network.

TekStream Solutions

TekStream Solutions

TekStream accelerates clients’ digital transformation by navigating complex technology environments with a combination of technical expertise and staffing solutions.

Oktacron

Oktacron

Oktacron is a company specialized in cybersecurity, guided by the principle that at every moment, in every approach, and with all technologies, one should stay one step ahead of attackers.