A publicly accessible database containing 149 million stolen usernames and passwords has been taken offline after security researcher Jeremiah Fowler discovered the exposure and alerted the hosting provider. The trove - which Fowler calls a "dream wish list for criminals" - includes 48 million Gmail accounts, 17 million Facebook logins, and credentials for government systems, banks, and cryptocurrency platforms. The database appears to have been assembled using infostealing malware that silently harvests login data from infected devices.
An unsecured database containing 149 million usernames and passwords sat exposed on the internet until security researcher Jeremiah Fowler stumbled upon it and spent a month trying to get it removed. The massive credential trove has now been taken down, but not before Fowler documented what he describes as a cybercriminal's fantasy: login credentials spanning everything from Gmail and Facebook to government portals and cryptocurrency exchanges.
The numbers tell a staggering story. Fowler found 48 million Gmail credentials alongside 17 million Facebook logins and 420,000 accounts for Binance, the cryptocurrency trading platform. But the breach didn't stop at consumer services. Government login credentials from multiple countries sat in the database next to consumer banking portals, credit card accounts, and streaming service logins.
"This is like a dream wish list for criminals because you have so many different types of credentials," Fowler told WIRED. The database was publicly accessible through just a web browser, with no authentication required.
Fowler suspects the massive collection was assembled using infostealing malware - malicious software that infects devices and uses techniques like keylogging to capture everything victims type into websites. The database's structure supports this theory. It appeared designed for automatically indexing large volumes of logs, as if whoever set it up expected to process enormous amounts of incoming data on an ongoing basis.
