Urgent warning to U.S. consumers after security breach of 184,000,000 passwords – who exposed it

0 0 3 minutes read

Urgent warning to U.S. consumers after security breach of 184,000,000 passwords – who exposed it

If you've been ignoring those annoying “suspicious login” alerts in your inbox, it might be time to take note.

Cybersecurity researcher Jeremiah Fowler recently discovered an unprotected online database that exposed more than 184 million records, including email addresses, passwords and login links, stored in plain text. The leaked data is related to major platforms such as Apple, Google, Facebook, Microsoft and even government and financial services.

Fowlers are often able to trace exposed databases to their source – recording bread libraries in bread libraries such as company names, employee records, or customer information. But this time, the trail runs. There is no obvious sign of who the data belongs to or how it ends online, making the violation even more disturbing.

“In terms of the risk factor here, this is bigger than most things I've found because it's direct access to a single account,” Fowler told Wired. “This is a list of dream jobs for cybercriminals.”

Violations can exacerbate fraud, identity theft, etc. So while data leaks today may feel like background noise, ignoring this noise can potentially bite people again – especially if your Netflix password doubles when you log in to your online bank. There are some wise steps you can take to keep your information safe.

Don't miss it

Cloud comes at a price

Among the 10,000 recording samples, Fowler found hundreds of damaged accounts, including major consumer platforms such as Netflix, PayPal, Amazon and Apple. A keyword search showed references to 187 “banks” and 57 “wallets”, suggesting that the violation may also expose financial data. However, the most worrying thing is the discovery of 220 email addresses related to the .gov domain, increasing the possibility of a wider impact on national security.

The scale of cyberattacks is not only growing, but will develop in ways that are increasingly difficult to include, track and remediate.

According to the Identity Theft Resource Center (ITRC) 2024 Annual Data Breach Report, in 2023, data breaches increased by 72% compared to the previous year, but the number of victims actually fell by about 353 million. But all of this has changed in 2024. While the number of violations remains high, the number of people affected soared by 312%, a huge shift driven by not only the massive outbreak that attacked the company, but also created the entire digital ecosystem.

As more companies move to AWS, cloud services like Google Cloud and Microsoft Azure to reduce costs, they also open the door to hackers. According to the Wall Street Journal, a recent IBM report found that 82% of data breaches involved information stored in the cloud last year.

This exposure could lead to high prices – recent violations suggest the cost of single vulnerability. Adopting crypto exchange Coinbase: On May 11, the company received a ransom email after bad actors bribed overseas support agents to steal internal information.

“These insiders abused their access to the customer support system to steal account data from a small percentage of customers,” the company said in a blog post. While the company said there was no payment, the breach could cost up to $400 million to resolve.

Read more: Want an extra $1,300,000 when you retire? Dave Ramsey says this 7-step plan “can kill debt every time, wealthy in the United States – “anyone” can do it

Protect yourself

Protecting your personal information online does not require a technical degree, but it does intentionally.

“For some people who do something a little lax about what we're talking about, maybe it's a kick in the pants,” said Teresa Murray of the American Public Interest Research Group.

Murray recommends changing your password now and says one of the easiest things you can do is to update your password regularly and never reuse the same password (or even a similar one) on multiple sites. Your primary email and financial account should have a strong unique password that is not used anywhere else.

Murray also recommends freezing your credit files using all three major credit bureaus (Equifax, Experian and Transunion) and freezing them until you need to make a large purchase. This won't affect your credit score, but it will make it more difficult for criminals to open a new account in your name.

Another step you can take is to enable multifactor authentication (MFA) anywhere. This adds additional protection even if the hacker does have access to your login credentials. You can also use free tools such as Google's password check to see if your information is compromised in the vulnerability. If so, please update your login credentials as soon as possible.

Finally, sign up for a transaction reminder from your credit card provider and make sure your contact details are up to date. When it comes to cybersecurity, beware that it does give.