Apple and Google users, as well as social media fans should think about changing passwords after a “criminal’s dream” massive data breach compromised more than 184 million passwords online.
Cybersecurity researcher Jeremiah Fowler shared with The New York Post a new report that found Apple and Google usernames and passwords and social media logins and bank accounts were involved in the breach. According to Fowler, information from health services and government portals were also involved.
“Many people unknowingly treat their email accounts like free cloud storage and keep years’ worth of sensitive documents, such as tax forms, medical records, contracts, and passwords without considering how sensitive they are. This could create serious security and privacy risks if criminals were to gain access to thousands or even millions of email accounts,” Fowler said.
The data breach was of a publicly accessible database of 184,162,718 logins and passwords connected to Google and Microsoft products, Facebook, Instagram and Snapchat. Malware known as infostealer may have compiled the information in the database and sensitive information was probably taken directly from users’ web browsers, cookies, autofill, emails and messaging app data.
A Snapchat representative reported that evidence of a breach was not found on its platform. Fowler contacted the hosting provider after he found the unprotected database and it was removed from public access. However, without the provider sharing the file’s name, Fowler said he could not determine if the database was created legitimately and accidentally exposed.
“From a cybersecurity perspective, I highly recommend knowing what sensitive information is stored in your email account and regularly deleting old, sensitive emails that contain PII, financial documents or any other important files. If sensitive files must be shared, I recommend using an encrypted cloud storage solution instead of an email,” Fowler said.
Yahoo News reported that the database was deleted, but no one can be sure who accessed the information before it was deleted.
Share
Rebecca Barnabi
