Home / Technology / One Billion Records Exposed in Accidental Data Leak
One Billion Records Exposed in Accidental Data Leak
19 Feb
Summary
- One billion personal records from 26 countries were leaked.
- The data leak was an accidental exposure, not a hack.
- Exposed data includes names, addresses, birth dates, and national IDs.
A massive accidental data leak has resulted in the exposure of approximately one billion personal records spanning 26 countries. The unprotected database, discovered on November 11 and subsequently secured, is believed to belong to IDMerit, a digital identity verification solutions provider. This incident was not a cyberattack but rather an inadvertent exposure of sensitive user data.
The exposed information includes full names, addresses, post codes, dates of birth, national IDs, phone numbers, genders, email addresses, and telco metadata. The United States was most affected, with 204 million records exposed, followed by Mexico (123 million) and the Philippines (72 million).
Cybercriminals could exploit this data for various malicious activities, such as account takeovers, phishing, credit fraud, SIM swaps, and identity theft. The structured nature of the data further simplifies its exploitation. As of February 19, 2026, individuals whose data was compromised are advised to monitor for suspicious communications and consider identity theft protection services to mitigate potential harm.
