A vast database containing over 184 million login credentials has been discovered online, potentially impacting users of popular services like Apple, Google, Facebook, and Microsoft. This alarming finding was reported by a respected cybersecurity researcher who stumbled upon an unsecured 47GB Elasticsearch server. The database, which was easily accessible to the public with no password protection, contained sensitive information from individuals in at least 29 countries.
Screenshot with some entries of stolen passwords referencing Facebook, Roblox, Google, NHS, Live, Microsoft, Discord, and Snapchat. | Image credit — Website Planet
Implications for a Wide User Base
Attackers commonly utilize stolen login credentials across multiple platforms in attempts to breach user accounts. With many individuals using the same password for different services, the leak of a single password has the potential to compromise numerous accounts beyond the initial platform.
