A massive data breach that exposed over 184 million online accounts has been discovered, and experts are calling the stolen information a ‘cybercriminal’s dream.’

The trove of Apple, Facebook, and Google usernames and passwords was found online in an unmanaged server by data breach hunter and security researcher Jeremiah Fowler.

The mysterious database not only contained secure login data for millions of private citizens, but also had stolen account information connected to multiple governments around the world.

While looking at a small sample of 10,000 of these stolen accounts, Fowler found 220 email addresses with .gov domains, linking them to more than 29 countries, including the US, UK, Australia, Canada, China, India, Israel, and Saudi Arabia.

‘This is probably one of the weirdest ones I’ve found in many years,’ Fowler told WIRED.

‘As far as the risk factor here, this is way bigger than most of the stuff I find, because this is direct access into individual accounts. This is a cybercriminal’s dream working list,’ the cybersecurity expert continued.

In total, Fowler discovered 47 gigabytes of data with sensitive information for accounts on various sites including Instagram, Microsoft, Netflix, PayPal, Roblox, and Discord.

The best action to take right now is to change your passwords if you use any of these platforms and also activate Two-Factor Authentication, which adds another layer of security to logging in by sending a secure code to your phone or email.

The trove of Apple, Facebook , and Google usernames and passwords was found online in an unmanaged server by data breach hunter and security researcher Jeremiah Fowler

The trove of Apple, Facebook , and Google usernames and passwords was found online in an unmanaged server by data breach hunter and security researcher Jeremiah Fowler

Fowler discovered the database in early May while searching the internet for vulnerabilities in major computer networks.

The unprotected database was managed by World Host Group, a web hosting and domain name provider founded in 2019.

It operates over 20 brands globally, offering cloud hosting, domain services, and technical support for businesses of all sizes.

Once Fowler confirmed that the exposed information was genuine, he reported the breach to World Host Group, which shut down access to the database.

Seb de Lemos, CEO of World Host Group, told WIRED: ‘It appears a fraudulent user signed up and uploaded illegal content to their server.’

Fowler said ‘the only thing that makes sense’ is that the breach was the work of a cybercriminal because there’s no other way to gain that much access to information from so many servers around the world.

How the 184 million accounts ended up in the open database is still a mystery. There were no identifiable owners and no purpose for the logins IDs to be there.

Fowler suspected that the person who collected the private data used a malware program called infostealer to compile this list. 

Any hackers who accessed the database before its discovery could use the stolen usernames and passwords to log into accounts, potentially stealing personal data or money.

They could have also committed fraud by making unauthorized transactions or engaging in identity theft.

The mysterious database not only contained secure login data for millions of private citizens, but also had stolen account information connected to multiple governments around the world

The mysterious database not only contained secure login data for millions of private citizens, but also had stolen account information connected to multiple governments around the world

The cybersecurity expert warned that this particular breach also poses a major national security risk.

Exploiting government email accounts could allow hackers and foreign agents access to sensitive or even top secret systems.

The stolen data could also be used as part of a larger phishing campaign, using one person’s hacked account to gain private information from other potential victims.

Along with creating new passwords and activating Two-Factor Authentication, cyber experts urge anyone who use these platforms to starting monitoring their accounts for suspicious activity.

That includes watching over emails, banking apps, and social media accounts for changes that you did not make yourself.

Apple, Google, and Meta users can also consider freezing their credit, and activate fraud alerts on their bank accounts.

This will allow them to block anyone from using their personal information to open up new financial accounts in their name. 

The best action to take right now is to change your passwords if you use any of these platforms and also activate Two-Factor Authentication

The best action to take right now is to change your passwords if you use any of these platforms and also activate Two-Factor Authentication

This latest discovery of stolen records comes just days after over one billion Facebook users had their private account information allegedly stolen in one of the largest data breaches in social media history.

A cybercriminal using the alias ByteBreaker claimed to have scraped 1.2 billion Facebook records and is now selling the data on the dark web.

Scraping, or web scraping, involves using automated tools to collect large amounts of data from websites, similar to copying and pasting information at scale.

Fowler noted that it’s unlikely scraping was used in this new scheme because of the presence of plaintext passwords in the database.

 

***
Read more at DailyMail.co.uk