The unprotected database contained tens of millions of account credentials, exposing Microsoft products, access to multiple social media and banking platforms. The database was most likely owned by cybercriminals, and the data was stolen.
The database with details on over 184 million accounts, uncovered by security researcher Jeremiah Fowler, reveals the extent of the effectiveness of cybercriminals. According to the researchers, tens of millions of account details were stored on a publicly exposed database.
“The database contained login and password credentials for a wide range of services, applications, and accounts, including email providers, Microsoft products, Facebook, Instagram, Snapchat, Roblox, and many more,” Fowler said.
Moreover, after investigating a limited data sample, Fowler discovered numerous credentials for bank and financial accounts, health platforms, and government portals from numerous countries.
While it’s not known if the database was created for legitimate or malicious purposes, researchers believe the records collected strongly suggest nefarious intent from whoever owns the database. Most likely, the database contained details gathered using infostealer malware that attackers utilize via phishing emails, malicious websites, and cracked software.
“To confirm the authenticity of the data, I messaged multiple email addresses listed in the database and explained that I was investigating a data exposure that may have involved their information. I was able to validate several records as these individuals confirmed that the records contained their accurate and valid passwords,” Fowler said.
Since no clear attribution was possible, after discovering the exposed database, Fowler contacted the hosting provider, which restricted access to the publicly accessible instance. However, while the instance is no longer openly available, whoever collected the data most likely can still access it.
“The database contained login and password credentials for a wide range of services, applications, and accounts, including email providers, Microsoft products, Facebook, Instagram, Snapchat, Roblox, and many more.”
The dataset of that size and extent is a literal gold mine for malicious attackers. There are nearly unlimited opportunities for credential stuffing attacks, account takeovers, corporate espionage, as well as nation-state actor activity. Not to mention the usual uses of data for phishing attacks.
Users ought to be perpetually vigilant, as there’s no shortage of data leaks. For example, earlier this week, a massive 1.2 billion user record database was scraped from the Meta-owned Facebook by abusing one of the social media platform‘s application programming interfaces (APIs).
While there’s no single way to protect against similar data leaks, users are strongly advised to regularly change their passwords, employ hard-to-guess passwords, activate two-factor authentication, and monitor accounts.
Users should also monitor if their data was exposed in public data leaks. It’s possible to check this using the Cybernews personal data leak checker, which contains over 15.5 billion entries from older data breaches.
Your email address will not be published. Required fields are markedmarked