A massive data breach that exposed over 184 million online accounts has been discovered, and experts are calling the stolen information a ‘cybercriminal’s dream.’
The trove of Apple, Facebook, and Google usernames and passwords was found online in an unmanaged server by data breach hunter and security researcher Jeremiah Fowler.
The mysterious database not only contained secure login data for millions of private citizens, but also had stolen account information connected to multiple governments around the world.
While looking at a small sample of 10,000 of these stolen accounts, Fowler found 220 email addresses with .gov domains, linking them to more than 29 countries, including the US, UK, Australia, Canada, China, India, Israel, and Saudi Arabia.
‘This is probably one of the weirdest ones I’ve found in many years,’ Fowler told WIRED.
‘As far as the risk factor here, this is way bigger than most of the stuff I find, because this is direct access into individual accounts. This is a cybercriminal’s dream working list,’ the cybersecurity expert continued.
In total, Fowler discovered 47 gigabytes of data with sensitive information for accounts on various sites including Instagram, Microsoft, Netflix, PayPal, Roblox, and Discord.
The best action to take right now is to change your passwords if you use any of these platforms and also activate Two-Factor Authentication, which adds another layer of security to logging in by sending a secure code to your phone or email.