149 Million Account Credentials Leak: The Growing Threat of Infostealers
A database revealing 149 million account credentials from Gmail, Facebook, and Binance was recently exposed. Learn how infostealing malware is driving this massive data breach.
A massive database containing 149 million account usernames and passwords has been shut down after being discovered exposed online. Security analyst Jeremiah Fowler found the unsecured trove, which included millions of logins for Gmail, Facebook, and the cryptocurrency giant Binance.
149 Million Account Credentials Leak: Data Breakdown
According to WIRED, the database was publicly accessible via a web browser, requiring no password for entry. Fowler reported that it wasn't just social media accounts at risk; the collection contained credentials for government systems, banking platforms, and streaming services. While Fowler communicated with the Canadian-based hosting provider to take down the database, it continued to grow for nearly a month.
- Gmail: 48 million accounts
- Facebook: 17 million accounts
- Binance: 420,000 accounts
- Netflix: 3.4 million accounts
- Academic (.edu): 1.4 million accounts
The Rise of Affordable Cybercrime
The database structure suggests it was compiled by infostealing malware. These programs infect personal devices and use keylogging to record sensitive information as victims type it into websites. The logs were automatically indexed, making them easy to search and query for criminal customers.
Renting one popular infrastructure we’ve seen costs somewhere between $200 to $300 a month, so for less than a car payment, criminals could potentially gain access to hundreds of thousands of new usernames and passwords a month.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Related Articles
A new report in Science warns that AI swarms disinformation 2026 is becoming a reality, allowing one person to command thousands of AI agents to manipulate elections.
Explore the DHS ICE List doxing controversy where 4,500 employee profiles were compiled from public data. Is it a security breach or public info?
Ireland introduces the Communications Bill 2026, aiming to legalize government spyware use for encrypted data. Learn about the new surveillance powers and legal safeguards.
Under Armour is investigating a massive data breach affecting 72 million individuals. While the company disputes the scale, the Everest ransomware gang has leaked customer data.
A new report in Science warns that AI swarms disinformation 2026 is becoming a reality, allowing one person to command thousands of AI agents to manipulate elections.
Explore the DHS ICE List doxing controversy where 4,500 employee profiles were compiled from public data. Is it a security breach or public info?
Ireland introduces the Communications Bill 2026, aiming to legalize government spyware use for encrypted data. Learn about the new surveillance powers and legal safeguards.
Under Armour is investigating a massive data breach affecting 72 million individuals. While the company disputes the scale, the Everest ransomware gang has leaked customer data.