XPost: talk.politics.guns, sac.politics, alt.comp.os.windows-11
XPost: misc.phone.mobile.iphone
Apple login credentials were among a massive database of 184 million
records found sitting unprotected on a web server. Other logins included
Facebook, Google, Instagram, Microsoft, and PayPal.

The owner of the database is unclear, but the security researcher who
discovered it says that it amounts to "a cybercriminal's dream working
list" ...

Jeremiah Fowler said that the database itself was not protected in any
way, and was simply sitting on a web hosting server. It includes logins
for various government portals, as well as banks and other financial
service companies.

The publicly exposed database was not password-protected or encrypted.
It contained 184,162,718 unique logins and passwords, totaling a massive
47.42 GB of raw credential data.

In a limited sampling of the exposed documents, I saw thousands of files
that included emails, usernames, passwords, and the URL links to the
login or authorization for the accounts. The database contained login
and password credentials for a wide range of services, applications, and
accounts [...]

I also saw credentials for bank and financial accounts, health
platforms, and government portals from numerous countries that could put
exposed individuals at significant risk.

The list of credentials included Apple IDs. The database is so large
that Fowler hasn't been able to identify every service it includes, but
among them are logins for:

Apple
Amazon
Discord
Facebook
Google
Instagram
Microsoft
PayPal
Snapchat
Twitter
WordPress
Yahoo

He was able to verify the authenticity of the personal data by emailing
some of those whose records were included and confirming that the
passwords included were genuine.

He contacted the web hosting company to report it, and they restricted
access to it but would not confirm details of the owner of the account.

Fowler believes that the data was likely gathered from infostealers -
malware specifically designed to mine devices for personal information.

The records exhibit multiple signs that the exposed data was harvested
by some type of infostealer malware [...] This malware usually targets
credentials (like usernames and passwords) stored in web browsers, email
clients, and messaging apps. Some variants of the malware can also steal
autofill data, cookies, and crypto wallet information - some can even
capture screenshots or log keystrokes.

Common methods for deploying infostealers include phishing emails and
pirated software.

One specific danger is criminals using phishing attacks to gain access
to email accounts, like Gmail. This can be an absolute treasure trove of
data for criminals.

Many people unknowingly treat their email accounts like free cloud
storage and keep years' worth of sensitive documents, such as tax forms,
medical records, contracts, and passwords without considering how
sensitive they are. This could create serious security and privacy risks
if criminals were to gain access to thousands or even millions of email
accounts.

sensitive information is stored in your email account and regularly
deleting old, sensitive emails that contain PII, financial documents or
any other important files.

Fowler said that as an ethical researcher, he did not download the
database, and instead sampled it using screenshots for the purposes of
contacting victims to confirm details.

https://9to5mac.com/2025/05/22/apple-logins-with-plain-text-passwords-found-in-massive-database-of-184m-records/