- 149M login records exposed from an unsecured infostealer dataset on a public server.
- Gmail led leaks with 48M records while Binance had about 420K exposed credentials.
- Companies confirmed malware infections on devices caused the leak, not system breaches.
The infostealer dataset leak uncovered by cybersecurity researcher Jeremiah Fowler has revealed one of the largest exposed collections of compromised credentials in recent years, involving approximately 149 million unique login records.
The dataset, discovered on an unsecured server, contained usernames, emails, passwords, and login URLs linked to a wide range of online services. According to Fowler, the data remained publicly accessible for more than a month before the hosting provider suspended access.
The exposed database, totaling about 96 gigabytes, included credentials gathered from malware-infected devices rather than from breaches of company systems. Multiple companies, including Google and Binance, confirmed that the incident did not originate from internal system compromises but from user-end infections caused by infostealer malware.
Platforms Affected by the Infostealer Dataset Leak
Fowler’s analysis shows that the infostealer dataset leak affected major consumer, financial, and government-linked services. Gmail accounts accounted for the largest share of exposed records, with an estimated 48 million credentials. Other affected platforms include Facebook (17 million), Instagram (6.5 million), Yahoo (4 million), Netflix (3.4 million), and Outlook (1.5 million).
The dataset also contained approximately 420,000 Binance login credentials, along with records linked to TikTok, iCloud, OnlyFans, and .edu email domains. Fowler reported the presence of credentials associated with government email addresses from several countries, raising concerns about potential misuse for phishing, impersonation, and unauthorized access attempts.
Wu Blockchain confirmed that Binance classified the incident as a user-device malware issue, not a system breach. Binance stated it would monitor dark web activity, notify affected users, reset passwords, and recommend hardware-based multi-factor authentication and antivirus protections.
Response and Security Measures
Google also confirmed that the incident did not result from a breach of its systems. A company spokesperson said the dataset represented credentials collected over time by third-party malware. Google stated that its systems automatically lock affected accounts and force password resets when exposed credentials appear online.
Fowler advised users to update operating systems, review browser extensions and applications, and install security software if they suspect device infections. He also emphasized downloading software only from official app stores.
Related: 16 Billion Passwords Leak in Largest Breach Ever—Apple, Google, Facebook Users at Risk
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
Source: https://coinedition.com/infostealer-dataset-leak-exposes-149-million-login-credentials/