...
...
Next Story

Researcher claims to have found massive illegal database hosting emails, passwords and other sensitive information

The illegal database contained ‘thousands of files that included emails, usernames, passwords, and the URL links to the login or authorization for the accounts’

Updated on: May 28, 2025 06:04 PM IST
Advertisement

A cybersecurity researcher claimed to have found a publicly exposed database containing 184,162,718 unique login and password credentials, totalling a massive 47.42 GB of raw data.

The cybersecurity researcher said he contacted several individuals using emails listed in the illegal database and claimed to have received a confirmation from them that the illegal database contained “their accurate and valid passwords.” (Representational image)
The cybersecurity researcher said he contacted several individuals using emails listed in the illegal database and claimed to have received a confirmation from them that the illegal database contained “their accurate and valid passwords.” (Representational image)

The researcher, Jeremiah Fowler, reported his findings to Websiteplanet.com last week and claimed that the database hosting critical data was itself not protected by a password.

Fowler claimed that he saw “thousands of files that included emails, usernames, passwords, and the URL links to the login or authorisation for the accounts.” The database reportedly contained login credentials of numerous applications and services, including email providers, Microsoft, Facebook, Instagram, Snapchat, Roblox and many other websites.

Also read | Hackers steal advertising agency’s data, demand ransom in Bitcoins

Who owns the illegal database?

The researcher claimed that the database's Whois information, which can be used to identify the registrant (owner) of a domain and their contact details, was “private” and there seemed to be “no verifiable method” to identify the real owner of the illegal database.

According to the report, Fowler could also not establish how long the database was exposed or if anyone gained access to it. “The records exhibit multiple signs that the exposed data was harvested by some type of infostealer malware,” he wrote.

The researcher claimed that he does not know how such large volumes of data was collected, but stated that cybercriminals deploy a range of methods to deploy the malware and steal sensitive information.

Also read | Russian hackers target Western firms shipping aid to Ukraine, US intelligence says

Folwer also contacted several individuals using emails listed in the illegal database and claimed to have received confirmation from them that the illegal database contained “their accurate and valid passwords.”

He recommended users to be aware of sensitive information stored in their accounts and regularly delete “old, sensitive emails that contain PII, financial documents or any other important files.”

To guard against potential cyberattacks, Fowler urged users to change passwords annually and use unique and hard-to-guess passwords for every account. He also suggested activating two-factor-authentication and considering using password managers among other measures.

 
ABOUT THE AUTHOR
HT News Desk

Follow the latest breaking news, major developments and agenda-setting stories from India and around the world with the newsdesk at Hindustan Times. Operating round the clock, the desk brings together experienced editors, reporters and correspondents to deliver fast, accurate and contextual reporting across subjects that influence public policy, governance, business, society and international affairs. The HT News Desk covers politics, elections, government policies, the economy, business and markets, science and technology, the environment, law and order, infrastructure, education, climate issues and geopolitics, while closely tracking developments across states, institutions and global capitals. The team also leads coverage of major breaking news events, policy announcements, court proceedings, natural disasters, public emergencies and significant international developments. Reports published by the newsdesk are based on information gathered from reporters on the ground, official statements, government agencies, court records, regulatory filings, recognised institutions and other authoritative sources. Stories undergo editorial scrutiny and verification processes to ensure accuracy, fairness and relevance, and are updated as events evolve and additional information becomes available. Whether covering a key political decision in New Delhi, an economic policy shift affecting millions, a landmark court ruling or a major global event, the HT News Desk aims to provide readers with reliable, fact-based journalism that delivers not only the latest developments but also the context and analysis needed to understand their wider implications.

Check India news real-time updates, latest news on Hindustan Times and more across India.
Check India news real-time updates, latest news on Hindustan Times and more across India.
SHARE THIS ARTICLE ON
Hindustantimes wants to start sending you push notifications. Click allow to subscribe