149M Logins, Including 900K Apple Accounts, Exposed in Unsecured Database
A significant security breach has been uncovered, exposing a database containing 149 million account logins. This unsecured database includes 900,000 usernames and passwords for Apple accounts, according to recent reports.
Details of the Database Exposure
The alarming discovery was made by security researcher Jeremiah Fowler. This is not the first time Fowler has identified a massive unprotected database. Last year, he found a similar database that contained 184 million records, which also included Apple accounts.
- Total logins exposed: 149 million
- Apple accounts: 900,000
- Gmail accounts: 48 million
- Facebook accounts: 17 million
- Yahoo accounts: 4 million
- Microsoft Outlook accounts: 1.5 million
- Binance accounts: 420,000
- .edu accounts: 1.4 million
Methods of Data Collection
The data in these databases is typically gathered using infostealers, a type of malware designed to harvest personal information from compromised devices. Common vectors for these malicious programs include:
- Phishing emails
- Pirated software
Security Implications
The database was left unsecured on a cloud server, making it easily accessible through any web browser. Fowler promptly reported this exposure to the hosting service, which subsequently removed the database.
Experts warn that the problem of compromised login details from multiple services is likely to escalate. Criminals can rent necessary access tools for as little as $200 a month, increasing the risks for users.
Protecting Your Accounts
Access to an Apple account can provide access to a wealth of personal data, including stored photos and sensitive information. To mitigate risks, users are encouraged to:
- Utilize password managers
- Create unique, strong passwords for every account
The trend of infostealers executing breaches emphasizes the importance of cybersecurity and proactive measures to protect personal information online.
