Security researchers recently identified 30 online databases collectively containing 16 billion records, likely amassed through infostealing malware, according to a new report from Cybernews. These databases briefly became accessible to the public internet before being secured, though their ownership remains undetermined.
The discovered databases varied significantly in scale, with some containing millions of entries and others holding billions. Accounts from a diverse array of providers, including Google, Apple, various VPN services, GitHub, and Telegram, were present within these collections. Notably, only one of these 30 datasets, a database with 184 million records, had been previously documented in media reports. Cybernews researchers indicated that the volume of discovered data represents only a fraction of what their team found, suggesting a broader issue.
New, extensive datasets are reportedly emerging every few weeks, indicating the widespread nature of infostealer malware. While the identified databases were quickly secured, the inability to identify their owners complicates efforts to address the origin of the exposed data. It is probable that significant overlap exists among the records across these databases, making it challenging to ascertain the precise number of individuals impacted. Currently, approximately 5.5 billion people have internet access, and many individuals maintain multiple accounts, increasing the potential for multiple compromised accounts per user. Unprotected databases consistently represent a primary cause of data leaks.
UK watchdog fines 23andMe £2.31M for 2023 breach affecting 155K users
For years, security researchers have emphasized that many organizations do not fully comprehend the shared responsibility model inherent in cloud services, which mandates their active role in safeguarding and securing the data they generate. Conversely, cybercriminals exploit these exposed archives, which frequently contain sufficient sensitive information to facilitate highly personalized and effective phishing campaigns.
Such campaigns can lead to identity theft, wire fraud, and ransomware attacks. Individuals concerned about potential exposure can utilize resources such as HaveIBeenPwned? to check if their data has been compromised. For those who save passwords to a Google account, Google’s Password Checkup tool offers a method to determine if any saved passwords have been compromised.
