A DATA dump containing more than 180million private login details from popular online services has been uncovered by a security expert.
The huge haul reportedly includes credentials and passwords for accounts including Facebook, Netflix, Google, PayPal and more.
GettyLogin details for platforms like Netflix were reportedly among the data dump[/caption] GettyExperts believe cyber criminals used an infostealer malware to obtain all the info[/caption]Others range from Roblox and Microsoft, to Apple and Discord.
Login information for banks, health platforms and even government portals were also exposed.
Cybersecurity researcher Jeremiah Fowler sounded the alarm after finding the publicly exposed database which was not password-protected or encrypted.
The expert believes the breach may have come about because of common infostealer malware.
Infostealer malware sneakily captures sensitive details from infected systems.
They tend to sniff out usernames and passwords stored on things like web browsers, email software or messaging apps.
“Many people unknowingly treat their email accounts like free cloud storage and keep years’ worth of sensitive documents, such as tax forms, medical records, contracts, and passwords without considering how sensitive they are,” Fowler wrote.
“This could create serious security and privacy risks if criminals were to gain access to thousands or even millions of email accounts.
“From a cybersecurity perspective, I highly recommend knowing what sensitive information is stored in your email account and regularly deleting old, sensitive emails that contain PII, financial documents or any other important files.
“If sensitive files must be shared, I recommend using an encrypted cloud storage solution instead of an email.”
The exposure serves as an important reminder that users must routinely change their passwords.
It’s not clear how long the database was left for anyone to see, but it’s now been taken down.
There’s also no indication about who may be responsible for the large collection, which had a total of 184,162,718 records.
Fowler reported the database to the web hosting platform World Host Group.
The company’s CEO told Wired: “It appears a fraudulent user signed up and uploaded illegal content to their server.
“The system has since been shut down. Our legal team is reviewing any information we have that might be relevant for law enforcement.”
TIME TO TRY PASSKEYS?
Here's what security expert Chris Hauk, Consumer Privacy Advocate at Pixel Privacy, told The Sun...
“Passwords are both hard to remember and in most cases, easy to guess.
“I would venture to say that most users (especially older users) will reuse passwords, simply because of all of the websites and apps that require sign-ins.
“While password managers do help, they are at best, a stopgap measure and do not offer full-ranging security for your login information.
“Passkeys offer the advantage of eliminating the need to enter an email address and password to log in.
“This is especially handy when users are logging in on an iPhone or Android device.
“Passkeys have multiple advantages over passwords. Passkeys cannot be shared or guessed.
“Passkeys are unique to the website or app they are created for, so they cannot be used to login elsewhere like a reused password can.
“Plus, passkeys cannot be stolen in a data breach, as the passkeys are not stored on the company’s servers.
“But are instead are a private key stored only on your device, where biometric authentication (like face ID or Touch ID) is required to use the passkey.”
Image credit: Getty
Read More Details
Finally We wish PressBee provided you with enough information of ( Urgent warning as 180 MILLION passwords ‘exposed’ including Gmail, Netflix and PayPal accounts in huge data dump )
Also on site :
- New York Knicks' troubles worsen as Karl-Anthony Towns at risk of missing elimination Game 5 vs Indiana Pacers
- My Taliyah’s vomiting was fobbed off as a ‘strawberry allergy’ but now I’m fighting to keep her alive – trust your gut
- Transfer news LIVE: Arsenal close in on Zubimendi as Man Utd near first signing