A recent discovery has exposed a vast number of passwords and sensitive data from major online platforms. Cybersecurity expert Jeremiah Fowler uncovered an unsecured database containing more than 184 million passwords along with email addresses and authorisation links online. The leaked information involved popular services such as Apple, Google, Facebook, Microsoft, Instagram, and Snapchat.

The exposed data goes beyond just passwords. It includes login details for banks, financial institutions, health services, and government portals. Unlike typical databases that protect such information through encryption, this database was stored as a plain text file, making the information easily accessible to anyone who found it online, The Indian Express reported.
Also read: Microsoft launches Xbox Copilot beta on Android app to assist gamers with real-time support
Data Possibly Collected Using Malware
Fowler’s investigation suggests that the data may have been collected using infostealing malware. This type of malicious software, such as Lumma Stealer, collects usernames, passwords, credit card details, and other sensitive information from compromised systems. The stolen data is often sold on the dark web to cybercriminals.
Upon finding the unsecured file, Fowler notified the hosting provider responsible for storing the database. The hosting company quickly restricted public access to the file, but it declined to provide information about the owner. To verify the authenticity of the leak, Fowler reached out to several individuals whose details appeared in the database. They confirmed that their credentials had indeed been exposed.
Also read: Uber users can now book Delhi Metro tickets within the app: Here’s how to do it
Users and Businesses Face Higher Risk
Experts warn that individuals who reuse the same password and username across multiple platforms face higher risks. Once cybercriminals access one account, they can exploit personal data for identity theft, fraud, and scams. The breach also included business accounts, which put company records and operations at risk. Threat actors could use such information to steal business data, conduct espionage, or launch ransomware attacks. The leak even contained login details for certain government services and private conversations.
Also read: PlayStation Days of Play Sale: Spider-Man 2, God of War Ragnarök, and more games get big price cuts
Basic Steps Can Help Reduce Risk
{{/usCountry}}Also read: PlayStation Days of Play Sale: Spider-Man 2, God of War Ragnarök, and more games get big price cuts
Basic Steps Can Help Reduce Risk
{{/usCountry}}While no method guarantees full protection against data breaches, experts advise using strong, unique passwords and changing them regularly. Multi-factor authentication adds an extra layer of security. Additionally, Google offers a free tool to check if your credentials have appeared in data leaks online. Users should remain vigilant and update their security practices to reduce the impact of such incidents.