149 Million Account Credentials Leak: The Growing Threat of Infostealers
A database revealing 149 million account credentials from Gmail, Facebook, and Binance was recently exposed. Learn how infostealing malware is driving this massive data breach.
A massive database containing 149 million account usernames and passwords has been shut down after being discovered exposed online. Security analyst Jeremiah Fowler found the unsecured trove, which included millions of logins for Gmail, Facebook, and the cryptocurrency giant Binance.
149 Million Account Credentials Leak: Data Breakdown
According to WIRED, the database was publicly accessible via a web browser, requiring no password for entry. Fowler reported that it wasn't just social media accounts at risk; the collection contained credentials for government systems, banking platforms, and streaming services. While Fowler communicated with the Canadian-based hosting provider to take down the database, it continued to grow for nearly a month.
- Gmail: 48 million accounts
- Facebook: 17 million accounts
- Binance: 420,000 accounts
- Netflix: 3.4 million accounts
- Academic (.edu): 1.4 million accounts
The Rise of Affordable Cybercrime
The database structure suggests it was compiled by infostealing malware. These programs infect personal devices and use keylogging to record sensitive information as victims type it into websites. The logs were automatically indexed, making them easy to search and query for criminal customers.
Renting one popular infrastructure we’ve seen costs somewhere between $200 to $300 a month, so for less than a car payment, criminals could potentially gain access to hundreds of thousands of new usernames and passwords a month.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Related Articles
Iran and Israel are hacking civilian security cameras for military reconnaissance. How consumer surveillance devices became weapons of war.
A security researcher discovered he could access 7,000 DJI robot vacuums and peek into strangers' homes. This Valentine's Day revelation exposes the hidden privacy risks of our smart home obsession.
CISA orders emergency patches for iOS vulnerabilities exploited by sophisticated Coruna toolkit, revealing how cybercriminals weaponize already-patched flaws
TriZetto confirms massive health data breach affecting 3.4 million people went undetected for nearly a year, exposing critical vulnerabilities in healthcare IT infrastructure.
Iran and Israel are hacking civilian security cameras for military reconnaissance. How consumer surveillance devices became weapons of war.
A security researcher discovered he could access 7,000 DJI robot vacuums and peek into strangers' homes. This Valentine's Day revelation exposes the hidden privacy risks of our smart home obsession.
CISA orders emergency patches for iOS vulnerabilities exploited by sophisticated Coruna toolkit, revealing how cybercriminals weaponize already-patched flaws
TriZetto confirms massive health data breach affecting 3.4 million people went undetected for nearly a year, exposing critical vulnerabilities in healthcare IT infrastructure.
Thoughts
Share your thoughts on this article
Sign in to join the conversation