A public database containing 149 million usernames and passwords was found online. The collection includes 48 million Gmail accounts, 17 million Facebook logins, and 420,000 Binance credentials. The database has been taken offline by security researcher Jeremiah Fowler, who also discovered its existence.
The database was freely accessible via a web browser without a password or security measures. In addition to email and social media logins, the collection also contained login details for government systems from multiple countries, consumer bank accounts, and streaming services such as Netflix (3.4 million), TikTok (780,000), and OnlyFans (100,000). It also contained 1.5 million Microsoft Outlook, 900,000 Apple iCloud, and 1.4 million .edu accounts.
Database grew during investigation
Researcher Fowler was unable to identify the owner. He took immediate action to get the database offline. To do this, he tracked down the hosting provider in Canada, but it took about a month before the data was no longer available online. The company eventually took the database offline for violating its terms of service.
While Fowler was trying to reach the hosting provider, the database continued to grow with new login details. “This is a dream list for criminals because you have so many different types of credentials,” Fowler told WIRED. He suspects that the data was collected via infostealing malware that records keystrokes when victims log in to websites.
Growing infostealer market
Infostealers dominate the current malware landscape. According to research by eSentire, infostealer logs are sold for as little as ten dollars each on the dark web. The malware is simple and intuitive, making it an easy entry point for new criminals.
Read also: TikTok videos are the latest malware attack vector