Your information was probably stolen again: Researcher discovers 184 million stolen logins

1 month ago 2

A person using a laptop with a set of code seen on the display.

In another stark reminder of the constant threats online, cybersecurity researcher Jeremiah Fowler recently uncovered a massive, unsecured database containing over 184 million login credentials from Microsoft, Apple, Facebook, Discord, Google, PayPal and others. The trove amounted to approximately 47.42 GB of data, was discovered on a misconfigured cloud server and is believed to have been amassed using infostealer malware – malicious software designed to extract sensitive information from compromised devices.

A global breach with far-Reaching implications

According to Jeremiah, the database also contained over 220 email addresses associated with government domains from at least 29 countries, such as the United Stated, United Kingdom, Australia, and Canada. The breadth underscores the potential national security risks posed by such breaches.

Fowlers analysis of a 10,000-record sample revealed that the data included plaintext usernames and passwords, with some entries linked to financial terms like “bank” and “wallet,” indicating a heightened risk of financial fraud. The presence of such sensitive information in an unprotected database amplifies concerns about identity theft, unauthorized access and other malicious activities. Hackread.com has some images from the database provided by Jeremiah.

The role of infostealer malware

Infostealer malware operates by infiltrating devices through phishing emails, malicious websites, or comes bundled with pirated software. Once installed, it can harvest a variety of data, including login credentials, cookies, autofill information and even cryptocurrency wallet details. The data is then transmitted to command-and-control servers operated by cybercriminals.

The discovery of this database suggests a coordinated effort to collect and potentially exploit vast amounts of personal and institutional data. The lack of identifiable ownership or metadata within the database further complicates efforts to trace its origins or intended use. Hosting companies likely do not know that they are fostering these databases to begin with.

Immediate actions and recommendations

Upon discovering the database, Fowler promptly notified the hosting provider, World Host Group, which subsequently took the server offline. However, the duration for which the data remained exposed and wither it was accessed by unauthorized parties before its removal remains uncertain.

I would advise users to:

Change your passwords, yet again: Immediately update your passwords for all online accounts, especially if the same passwords are being re-used across multiple platforms
Enable two-factor authentication (2FA): This generally requires a text verification code to your phone, or a secondary email address
Monitor your accounts: Regularly check your financial accounts and other sensitive accounts for suspicious activity
Use reputable security software: Anti-virus and malware software from reputable companies usually help, make sure they are updated. You can check out our antivirus and malware reviews
Be cautious with emails and downloads: Avoid clicking on suspicious links or downloading attachments from unknown sources

Ian Bell

I work with the best people in the world and get paid to play with gadgets. What's not to like?

Dell sale: Up to $400 off monitors, desktop PCs, laptops, and more

Alienware Aurora R16 sitting on a coffee table.

Dell is always an excellent source of monitor deals, desktop computer deals, and laptop deals, especially if you're able to take advantage of the savings from Dell sales -- just like the one that's happening right now. Feel free to take a look at everything that's available through the link below, but you can also check out our favorite offers that we've rounded up. Either way, we highly recommend hurrying with your purchase -- these limited-time deals will only last until May 25, but there's a chance that stocks for the more popular devices will sell out long before then.

Alienware Aurora R16 gaming PC -- $2,450 $2,850 14% off

I tested Gemini Advanced, ChatGPT, and Copilot Pro. Here’s which AI searched best

ChatGPT logo on a phone

With AI chatbots now built into search engines, browsers, and even your desktop, it's easy to assume they all do the same thing. But when it comes to getting useful search results, some outperform the rest.

I wanted to test Gemini Advanced, ChatGPT, and Copilot Pro head-to-head to see which one helps you get answers faster and more accurately. These are the paid versions, all promising live web access, smarter context, and fewer hallucinations.

Need a Copilot+ laptop? The Dell XPS 13 is $400 off right now

Dell XPS 13 9345 front angled view showing display and keyboard.

The Dell XPS 13 (9345) is a device that's designed for Microsoft's powerful AI assistant, and you can currently buy it with a $400 discount from Dell itself. From its original price of $1,560, it's down to just $1,160, but the offer may expire at any moment. If you're interested in taking advantage of this offer, we highly recommend doing so right now because there's high demand for laptop deals like this one -- tomorrow may already be too late to access the savings.

Why you should buy the Dell XPS 13 (9345) laptop

Read Entire Article