Home / Technology / Criminals' Dream: 149M Logins Exposed Online
Criminals' Dream: 149M Logins Exposed Online
23 Jan
Summary
- Database with 149 million logins, including Gmail and Facebook, was exposed.
- Researcher suspects infostealer malware collected the credentials.
- The exposed data included government, banking, and streaming service logins.
A vast database holding 149 million usernames and passwords, including credentials for Gmail, Facebook, and cryptocurrency platforms, has been taken offline. The exposed information, discovered by security analyst Jeremiah Fowler, also contained logins for government systems, banking, and streaming services. Fowler believes infostealer malware likely compiled the data, which was accessible via a web browser.
The database's format suggested an organized collection of extensive logs, potentially for sale to cybercriminals. Among the leaked accounts were millions for Yahoo, Microsoft Outlook, and Apple iCloud, alongside academic and popular streaming service credentials. The data's public accessibility created a low barrier for criminals seeking sensitive user information.
Infostealer malware automates credential collection, significantly lowering entry barriers for cybercriminals. Experts note that renting such malware infrastructure can cost as little as $200 to $300 per month, enabling illicit access to hundreds of thousands of stolen logins monthly. This incident highlights the persistent threat of unsecured data and the increasing sophistication of automated credential theft.
