Login and password data for Apple, Google and Meta accounts found in huge data breach of 184 million accounts
- Advertisement -
Related Posts
- Advertisement -
- Researchers found a new non-password protected database
- The database contained hundreds of millions of records
- Among the records were login details for Facebook, Apple and more
Log login details for MicrosoftFacebook, Snapchat and many other services have recently been found in a public, non-password-protected database, available to anyone who was able to look for where.
The database was discovered by Jeremiah Fowler, a security researcher who is known for hunting large, open databases.
According to Fowler, the database contained more than 184 million unique registrations and passwords: e -mails, usernames, passwords and URL -Login -Links, for a wide range of services applications and accounts. This includes E -mail providers, Microsoft Products, Facebook, Instagram, Snapchat, Roblox and much more.
Fowler also said that he saw login details for banking and financial accounts, health platforms and government sports from “countless countries”. He managed to confirm the authenticity of at least some data in the database, by contacting e -mail addresses found in it.
Attribution, however, was difficult. Fowler says that the IP address indicated that the database was connected to two domain names -one parked and not available, and the other not registered and available for purchase.
The WHOIS registration was set to private, making it impossible to identify the true owner of the database.
Attribution problems
But the researcher succeeded in reaching the hosting provider, and shortly thereafter the access of the public was limited. However, the provider did not disclose the information about the owner.
With that in mind, Fowler says that it is difficult to determine whether the database has been generated by a malignant actor, or a legitimate one. Yet he tends towards the first and claims that he has seen ‘multiple signs’, the data was harvested with informationalers.
Infelealers are usually distributed via phishing, malignant websites or infected updates. They can harvest sensitive information from the compromised device, including passwords stored in browsers, important PDF files, cryptocurrency portion in information and more.
As soon as Crooks gains access to E -mail accounts, they can use them to launch convincing phishing attacks or to steal even more data.
Fowler even argues that many people “treat their e -mail accounts such as free storage” and keep sensitive documents inside for years.
Maybe you like it too
- Advertisement -
