A leaked 47GB database has exposed more than 184 million records, potentially placing affected individuals at high risk of identity theft and cybercrime. The stolen login credentials include accounts from major global platforms such as Microsoft, Google, and Apple, as well as government and corporate email addresses spanning at least 29 countries.
Cybersecurity researcher Jeremiah Fowler discovered the exposed Elasticsearch database, which was quickly taken offline after he reported it. However, it remains unclear how long the database was publicly accessible or how many unauthorized parties may have accessed the data prior to its removal.
What we know
Fowler reported the massive, unprotected database to Website Planet, revealing hundreds of millions of entries containing user credentials. The data included credentials for bank accounts, health platforms, and government websites from multiple countries — exposing individuals to serious security threats, according to the researcher.
The database, which lacked both password protection and encryption, also exposed credentials from major platforms including Facebook, PayPal, and Netflix. In addition, it included more than 220 government-associated email addresses from countries such as the US, the UK, and China.
After Fowler alerted World Host Group, the hosting provider disabled access to the database to prevent further data exposure.
What we don’t know
While the database is now offline, it is unknown how long it remained exposed before Fowler’s discovery, or whether it was accessed or downloaded by malicious actors.
The hosting provider declined to disclose customer information, but Seb de Lemos, chief executive officer of World Host Group, confirmed to WIRED that the database was hosted on an unmanaged client-controlled server, and added that the company’s legal team is reviewing the incident in coordination with law enforcement authorities.
Fowler noted the records appeared consistent with data exfiltrated by infostealer malware, but stressed that no immediate evidence of internal compromise or active user data abuse has been confirmed. He also clarified that his analysis was conducted solely for educational and public awareness purposes, and does not constitute verification of a data breach.
Infostealer attacks on the rise
The surge in infostealer malware activity has reached critical levels, with both IBM and Check Point Security highlighting dramatic increases recently.
IBM’s X-Force 2025 Threat Intelligence Index reported an 84% surge in phishing emails delivering infostealers throughout 2024, indicating a shift toward stealthier credential theft tactics. Meanwhile, the Check Point Cybersecurity Report 2025 revealed a 58% uptick in infostealer attacks, with many targeting corporate systems. It also showed that over 10 million stolen infostealer logs are currently being traded on underground markets.
This exposure of 184 million records underscores the growing scale and severity of credential harvesting operations, which can lead to identity fraud, unauthorized access, and widespread corporate breaches. Experts recommend using strong passwords, enabling multi-factor authentication, and staying alert for unusual account activity.