Large-Scale Data Exposure Discovered

Cybersecurity researcher Jeremiah Fowler has identified a significant security lapse involving a non-password-protected database containing over 184 million credential records. Disclosed to Website Planet, the breach highlights a serious risk of data theft and misuse.

The database comprised 184 million records totalling approximately 47.4 GB of data. The contents included emails, logins, passwords, and authorisation URLs.

The exposed data spanned various services, from popular social media platforms including Facebook, Instagram and Snapchat, to email providers, Microsoft products, bank and financial accounts, health platforms, and government portals.

How The Breach Occurred

The database was publicly accessible and had neither password protection nor encryption, making it vulnerable. Its connection to two domain names went unnoticed:

  • One domain was inactive.
  • The other was unregistered and available for purchase.

The owner of the database remains unknown due to private Whois registration, and the hosting provider did not disclose customer details. Shortly after Fowler’s discovery, the database was restricted from public access.

Possible Malicious Origins: Infostealer Malware

Evidence pointed to the data being harvested via infostealer malware, a malicious program designed to steal sensitive information by:

  • Targeting credentials stored in browsers, email clients and messaging apps.
  • Capturing autofill data, cookies, crypto wallet information, and even screenshots or keystrokes.

While the specific method of collection isn’t confirmed, criminals often use phishing emails, malicious websites or cracked software to deploy this malware. The stolen data is typically circulated on dark web marketplaces or  and used for fraud, identity theft, or further cyberattacks.

Verifying Data Legitimacy

Fowler contacted multiple email addresses listed in the database, confirming several records as accurate and valid. Many individuals use their emails to store sensitive files like tax documents, medical records, contracts, and passwords, all posing significant privacy risks if accessed by criminals.

Risks Of Credential Exposure

The leaked credentials enable cybercriminals to:

  • Perform credential stuffing attacks by using automated scripts to test compromised email and password combinations across multiple sites.
  • Gain account control, especially on accounts without 2FA, leading to identity theft, financial fraud, and social engineering attacks.
  • Facilitate corporate espionage, as some credentials included business-related logins, risking insider attacks.
  • Target government or sensitive state accounts, some of which belonged to “.gov” domains.
  • Conduct phishing attacks using stolen email data, making scams more convincing.

Protecting Yourself from Similar Breaches

Fowler recommends several steps for users to safeguard their accounts:

  • Change passwords regularly, ideally annually.
  • Use unique, complex passwords for each account to prevent widespread compromise.
  • Enable Two-Factor Authentication (2FA) wherever possible.
  • Monitor account activity for suspicious logins or actions.
  • Use reputable password managers to generate and store passwords securely.
  • Keep antivirus software updated to detect malware and infostealers.
  • Be cautious with storing sensitive info in emails - consider encrypted cloud storage instead.

Legal & Ethical Considerations

Fowler emphasises that possessing or distributing stolen data can be illegal, particularly with reference to the US Computer Fraud and Abuse Act (CFAA) and the EU GDPR regulations.

Fowler maintains his activities are purely educational and responsible, only documenting findings to raise awareness and prompt organisations to improve security measures.

Conclusion

This incident underscores the ongoing risks posed by publicly accessible, unprotected databases and malware-driven data breaches. Users and organisations must remain vigilant by adopting strong security practices, regularly updating credentials, and monitoring account activity.

While the breach’s full scope remains uncertain, its discovery highlights the critical need for robust cybersecurity defences and the responsible handling of sensitive data to prevent exploitation by cybercriminals.

Website Planet

Image: ar-chi
