A massive database containing 184 million login records has been exposed, sparking widespread concern over global security. The database, discovered by data-breach hunter Jeremiah Fowler in early May, contains sensitive information from major services including Apple, Facebook, and Google.
The database’s sheer scale and lack of clues about its ownership or origin suggest it may have been compiled by attackers using infostealer malware. Fowler warned that the exposure poses a significant risk of logins being exploited for fraud or to breach other organizations.
A sample of 10,000 records revealed 479 Facebook accounts, 475 Google accounts, and 240 Instagram accounts, among others. The database also included email addresses from at least 29 countries, raising national security concerns.
Fowler reported the exposure to World Host Group, the hosting company behind the database. Access was quickly shut down, but the incident highlights the need for robust cybersecurity measures to prevent such exposures in the future.
The company’s CEO, Seb de Lemos, acknowledged that an unmanaged server was compromised and promised improvements to its reporting system. However, concerns remain about whether sensitive data may have been stolen or abused while the database was live.
Source: https://www.wired.com/story/mysterious-database-logins-governments-social-media