184 million records data leak: Google, PayPal and Netflix passwords leaked online

[harlan4096]

Security researcher Jeremiah Fowler stumbled upon a large database of login information and passwords containing over 184 million records recently. He mentioned the discovery in an article on Website Planet.

The data was not encrypted in any form and stored publicly, which meant that anyone with knowledge of its existence could download the data.

The sheer size of the database, more than 47 gigabytes of data, makes it one of the largest leaks in recent history. In early 2024, a 70 million records password dump was discovered.

A preliminary sampling of the data unveiled emails, usernames, passwords, and also links to login or authorization pages. Fowler found login information and passwords for a wide range of services in the dump. Notable products and services include Facebook, Instagram, Snapchat, Microsoft products, Google, Discord, and NHS.

Fowler discovered the database in early May 2025 and reported it to the web hosting company, which blocked public access shortly after to prevent further spreading of the data. He wrote to several of the email accounts found in the database to verify the authenticity of the data and was able to confirm it based on the replies that he received.

The security researcher suspects that it could be an infostealer's dump. Infostealer malware is designed to copy sensitive information, including passwords, cookies, recovery keys, credit card numbers, on infected systems.

Continue Reading...