61°
The exposed Elasticsearch database contained more than 184 million unique usernames and passwords. It was not password-protected or encrypted, and it was publicly accessible when discovered earlier this month.
The database included login details tied to popular platforms such as Microsoft, Facebook, Instagram, and Snapchat.
It also contained services with potentially greater stakes, including banking portals, health platforms, and government accounts from multiple countries.
Links to the login pages were included in many cases, prompting further concerns about direct targeting or unauthorized access.
According to cybersecurity researcher Jeremiah Fowler, who reported the issue to Website Planet, the database was quickly taken offline after disclosure.
However, it is unclear how long it was exposed — or whether others may have accessed the data before its removal.
The IP address linked the database to two domain names, neither of which appear to be active or traceable. The owner remains unidentified, and the hosting provider declined to release customer information.
Fowler’s analysis pointed to telltale signs of InfoStealer malware — a type of malicious software that extracts saved login credentials from infected systems.
While it’s not confirmed how the data was collected, infostealers are commonly spread via phishing emails, malicious websites, or cracked software.
Once harvested, the data is often resold on dark web marketplaces or used in fraud and identity theft.
The full scope of the breach, including who may have gained access to the credentials and for how long, remains unknown.
Check back to Daily Voice for updates.
Click here to follow Daily Voice Scarsdale and receive free news updates.
