A major cybersecurity incident has recently come to light involving the exposure of 149 million usernames and passwords from widely used online accounts, including Gmail, Facebook, Instagram, Netflix and many others. The leaked data was stored in an unsecured database that remained publicly accessible online, potentially allowing cybercriminals to steal or misuse login credentials for multiple services.
What Happened in the Leak?
Cybersecurity researcher Jeremiah Fowler discovered a massive, unprotected database that contained about 149 million unique login credentials (usernames and passwords) from various popular online services. The database was reportedly about 96 GB in size and held a large amount of structured credential data that anyone could access, since it was protected by neither a password nor encryption.
Experts believe this credential cache was assembled using infostealer malware — malicious software that infects computers and steals stored passwords by recording keystrokes or harvesting data typed into login forms.
Which Accounts Were Affected?
The exposed credentials appear to span a wide range of platforms and service types:
- Gmail accounts — around 48 million
- Yahoo accounts — about 4 million
- Facebook accounts — about 17 million
- Instagram accounts — around 6.5 million
- Netflix accounts — approximately 3.4 million
- Outlook accounts — around 1.5 million
- TikTok, OnlyFans, Binance, iCloud and other services were also included in the leaked dataset.
This means that credentials for both email services and entertainment platforms were exposed in the leak.
Was It a Direct Company Breach?
According to reports and cybersecurity experts, the data exposure was not due to a breach of Google, Meta (Facebook/Instagram), Netflix or similar companies’ servers themselves. Instead, the data was likely compiled by malware running on users’ own devices or systems, gathering credentials and storing them in a third‑party database that was left unsecured.
In simple terms: the services weren’t hacked directly — but users’ login details were collected and stored insecurely by malicious software or actors.
What Are the Risks from This Leak?
A leak of this scale can pose serious dangers if accounts are compromised, including:
- Account Takeovers: Attackers could attempt to log in to exposed accounts, especially if a password is reused across multiple services.
- Identity Theft: Credential leaks make identity theft more likely if personal details are tied to those logins.
- Financial Fraud: If banking or financial service credentials were also exposed, accounts could be misused.
- Phishing and Social Engineering: Stolen credentials help criminals craft more realistic scams against users.
Security researchers stress that because the data included login URLs and passwords, automated “credential‑stuffing” attacks are a real possibility if users haven’t changed compromised passwords or enabled strong defenses.
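As an added example (not part of the original report), the Python code below shows how a service operator could spot the credential-stuffing pattern described above in authentication logs: a single source address trying many different usernames with a high failure rate. The log format, the thresholds, the function name and the sample lines are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample auth log: timestamp, source IP, username, result.
SAMPLE_LOG = """\
2026-01-20T10:00:01Z 203.0.113.7 alice@example.com FAIL
2026-01-20T10:00:01Z 203.0.113.7 bob@example.com FAIL
2026-01-20T10:00:02Z 203.0.113.7 carol@example.com OK
2026-01-20T10:00:02Z 203.0.113.7 dave@example.com FAIL
2026-01-20T10:00:03Z 203.0.113.7 erin@example.com FAIL
2026-01-20T10:00:03Z 203.0.113.7 frank@example.com FAIL
2026-01-20T10:05:10Z 198.51.100.20 grace@example.com FAIL
2026-01-20T10:05:25Z 198.51.100.20 grace@example.com FAIL
2026-01-20T10:05:41Z 198.51.100.20 grace@example.com OK
2026-01-20T10:06:00Z 192.0.2.50 heidi@example.com OK
2026-01-20T10:06:30Z 192.0.2.50 ivan@example.com OK
2026-01-20T10:07:00Z 192.0.2.50 judy@example.com FAIL
2026-01-20T10:07:20Z 192.0.2.50 judy@example.com OK
malformed line
"""

def detect_credential_stuffing(log_text, min_users=5, min_fail_ratio=0.8):
    """Flag IPs that try many distinct usernames and mostly fail (assumed thresholds)."""
    per_ip = defaultdict(lambda: {"users": set(), "fails": 0, "total": 0, "ok": set()})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[3] not in ("OK", "FAIL"):
            continue  # skip malformed lines instead of crashing on them
        _ts, ip, user, result = fields
        s = per_ip[ip]
        s["users"].add(user.lower())
        s["total"] += 1
        if result == "FAIL":
            s["fails"] += 1
        else:
            s["ok"].add(user.lower())
    flagged = {}
    for ip, s in per_ip.items():
        fail_ratio = s["fails"] / s["total"]
        # One user mistyping a password, or an office NAT with mostly
        # successful logins, fails one of these two conditions.
        if len(s["users"]) >= min_users and fail_ratio >= min_fail_ratio:
            flagged[ip] = {"distinct_users": len(s["users"]),
                           "fail_ratio": round(fail_ratio, 2),
                           "reset_required": sorted(s["ok"])}
    return flagged

if __name__ == "__main__":
    for ip, info in detect_credential_stuffing(SAMPLE_LOG).items():
        print(ip, info)
```

Any account that logged in successfully from a flagged address appears under reset_required, because it indicates a leaked password that still worked.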
How to Check If You’ve Been Affected
One reliable way to check if your email or username appears in known breaches is to use services like Have I Been Pwned (haveibeenpwned.com). These tools allow you to enter your email and see if it has shown up in public leaks and breaches.
Steps to Secure Your Accounts
If you use any of the affected platforms (or use the same password across multiple sites), take these precautions immediately:
1. Change Passwords Immediately
Create strong, unique passwords for each online account. Avoid reusing the same password across multiple services.
2. Enable Two‑Factor Authentication (2FA)
Turn on 2FA wherever possible. This adds an extra layer of security by requiring a second verification step (SMS code, authenticator app, etc.) in addition to your password.
3. Use a Password Manager
Password managers can create and safely store complex, unique passwords for all your accounts, reducing the risk of password reuse and limiting the impact of a credential leak.
4. Update Antivirus and Run Scans
Scan all your devices with reputable antivirus software to detect and remove any malware that might be stealing credentials.
5. Monitor Login Alerts and Account Activity
Enable login alerts and check recent activity on your accounts regularly. If you see unusual sign‑in attempts, take action immediately.
6. Close or Disable Inactive Accounts
Removing old accounts you no longer use reduces your exposure and removes potential attack vectors.
7. Watch Out for Phishing and Suspicious Links
Don’t click on unexpected links or open attachments from unknown senders. These are common ways malware spreads.