A new report has created a stir in the online world. It has been claimed that login details of more than 149 million users have been leaked online. According to the report, this includes accounts of big platforms like Gmail, Facebook, Instagram and Netflix. This information has come from a report by ExpressVPN based on the research of cyber security researcher Jeremiah Fowler. According to Fowler, a very large database containing sensitive login information was found openly available online.
Which platform’s accounts were affected?
According to the report, the leaked data includes accounts of many popular online services. According to the report, it contains information of not just lakhs but crores of users. In total, the database is claimed to contain 149,404,754 unique usernames and passwords, and is estimated to be approximately 96GB in size.
The entire database was insecure
Fowler says that this database was neither password protected nor encrypted in any way. This means that whoever found it could easily access it. Initial investigation found email addresses, usernames, passwords and even direct login links.
No response from companies yet
According to the researcher, he contacted the big companies mentioned in the report through email. However, no official response was received from any company till the time the report was published. Fowler said that the information included in this leak is not limited to any one country. The data contains accounts of users from different parts of the world, covering almost every type of online service they use every day.
Banking and crypto accounts also claimed to be affected
The most worrying thing is that in the initial sample check, login details related to financial services, crypto wallets, trading platforms, bank accounts and credit cards were found. This significantly increases the risk of financial fraud and identity theft.
Concerns increased over government (.gov) accounts
The report also revealed that the leaked data included login details related to .gov domains of many countries. While not every government account grants direct access to sensitive systems, even limited access can cause serious harm if it falls into the wrong hands.
Risk of cyber attacks increased
Fowler warned that the leak of such a large amount of login details posed a significant risk to users, especially those who were unaware of the breach. Availability of email addresses, passwords, and exact login URLs can enable cybercriminals to conduct automated attacks such as credential stuffing.
