A massive database containing 149 million stolen login credentials was discovered exposed online without password protection. Cybersecurity researcher Jeremiah Fowler uncovered the breach and reported findings to ExpressVPN, revealing a sprawling collection of stolen accounts spanning major platforms, including Gmail, Instagram, Facebook, and government systems.
The exposure poses serious security risks to users of Gmail, Instagram, Facebook, Netflix, and thousands of other platforms worldwide.
The publicly accessible database contained 149,404,754 unique logins and passwords harvested through infostealer malware and keylogging software.
Each record included email addresses, usernames, passwords, and the exact URL links for account authorization.
The breach represents an unprecedented collection of infostealer malware output, capturing credentials across entertainment, financial, and social media platforms:
Email Providers (Primary Targets):
- Gmail: 48 million accounts
- Yahoo: 4 million accounts
- Outlook: 1.5 million accounts
- iCloud: 900,000 accounts
- .edu domains: 1.4 million accounts
Major Platforms Compromised:
- Facebook: 17 million accounts
- Instagram: 6.5 million accounts
- Netflix: 3.4 million accounts
- TikTok: 780,000 accounts
- Binance: 420,000 accounts
- OnlyFans: 100,000 accounts
Notably, the database included credentials associated with .gov domains from multiple countries, a critical national security concern.
Government account compromise could facilitate targeted spear-phishing, network infiltration, or impersonation attacks against government infrastructure.
Analysis reveals the database stored output from advanced infostealer malware, structured using “host_reversed paths” (com.example.user.machine) to organize stolen data by victim and source.
This formatting enables efficient indexing while potentially bypassing detection rules targeting standard domain formats.
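For defenders who search leaked data for their own domains, the reversed-host layout described above means a plain match on `example.com` misses keys such as `com.example.user.machine`. The following is an added example, not code from the article or from the researcher: it compares names label by label in both forward and reversed order. The monitored domains, the function names, and the sample records (including their ` | ` layout) are assumptions constructed for illustration.

```python
import re

# Assumption: placeholder domains a defender wants to monitor (not from the article).
MONITORED = ["example.com", "agency.example.gov"]

# Dotted tokens: hostnames, the domain part of e-mail addresses, reversed-host keys.
TOKEN = re.compile(r"[A-Za-z0-9_-]+(?:\.[A-Za-z0-9_-]+)+")

def labels(name):
    return [p for p in name.lower().split(".") if p]

def match_token(token, domains=MONITORED):
    """Return (domain, form) when token refers to a monitored domain, else None."""
    got = labels(token)
    for domain in domains:
        want = labels(domain)
        # Forward form: mail.example.com ends with the labels of example.com.
        if got[-len(want):] == want:
            return domain, "forward"
        # Reversed form: com.example.user.machine starts with the reversed labels.
        if got[:len(want)] == want[::-1]:
            return domain, "reversed"
    return None

def scan(lines, domains=MONITORED):
    """Return (line_no, token, domain, form) for every monitored-domain hit."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        for token in TOKEN.findall(line):
            hit = match_token(token, domains)
            if hit:
                hits.append((line_no, token, *hit))
    return hits

# Constructed sample records; the " | " layout and all values are made up.
SAMPLE = [
    "com.example.alice.desktop-01 | alice | <redacted>",
    "https://login.example.com/auth | bob@example.com | <redacted>",
    "gov.example.agency.carol.ws7 | carol | <redacted>",
    "com.examplefoo.dave.laptop | dave | <redacted>",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```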
Approximately 48 million Gmail accounts were compromised, alongside 4 million Yahoo accounts, 1.5 million Outlook accounts, 900,000 iCloud accounts, and 1.4 million .edu email addresses from educational institutions.
