Over 184 million passwords from Google, Apple, Facebook leaked, says researcher

In a shocking turn of events in the world of cybersecurity, a huge stash of sensitive user data has been found floating around unprotected on the internet. This leaked information includes login credentials for major platforms, from social media powerhouses to financial institutions, healthcare systems, and even government services, raising serious alarms about digital safety and the risk of identity theft.

Over 184 million credentials from tech giants found in unsecure online file

A cybersecurity researcher has stumbled upon a database online that reportedly holds more than 184 million usernames, passwords, and authorisation URLs tied to major platforms like Apple, Google, Facebook, Microsoft, Instagram, and Snapchat. The researcher, who discovered this breach, noted that the data was stored in plain text without any encryption, meaning anyone who came across the file could access the information without any barriers.

But it’s not just the big tech companies that are affected; the leak also includes login details for banking portals, health records, and government service platforms—raising serious concerns among cybersecurity experts. According to reports, the researcher believes the data likely came from infostealing malware, a nasty program designed to snatch user data from compromised devices. One such malware, Lumma Stealer, is often used to gather sensitive information that’s later sold on the dark web.

Sources stated that the researcher reached out to the hosting provider that was storing the unsecured file, prompting quick action to limit access. However, the company didn’t disclose any information about who owned the database. To confirm the breach's authenticity, He contacted several individuals whose credentials were listed—and they verified that their data had indeed been compromised.

Experts are urging users and businesses to update their passwords immediately, avoid reusing login credentials across different platforms, and enable multi-factor authentication to reduce the risk of further exposure. As digital threats become increasingly sophisticated, maintaining basic security practices is more crucial than ever.