149 million passwords exposed in massive credential leak
Security researchers warn millions of Gmail users and others to act now
https://www.foxnews.com/tech/149-million-passwords-exposed-massive-credential-leakThe data included credentials tied to an estimated 48 million Gmail accounts, along with millions more from popular services. Cybersecurity researcher Jeremiah Fowler, who discovered the database, confirmed it was not password-protected or encrypted. Anyone who found it could have accessed the data.
Here is what we know so far and what you should do next.
What was found in the exposed database
The database contained 149,404,754 unique usernames and passwords. Fowler said the exposed files included email addresses, usernames, passwords and direct login URLs for accounts across many platforms.Importantly, this was not a new breach of Google, Meta or other companies. Instead, the database appears to be a compilation of credentials stolen over time from past breaches and malware infections. That distinction matters, but the risk to users remains real.
Which accounts appeared most often
Based on estimates shared by Fowler, the following services had the highest number of credentials in the exposed database.- 48 million - Gmail
- 17 million - Facebook
- 6.5 million - Instagram
- 4 million - Yahoo Mail
- 3.4 million - Netflix
- 1.5 million - Outlook
- 1.4 million - .edu email accounts
- 900,000 - iCloud Mail
- 780,000 - TikTok
- 420,000 - Binance
- 100,000 - OnlyFans