Unsecured database leak exposes 184 million login records from major technology platforms

A significant data leak has exposed over 184 million user records from a 47GB unprotected database, putting millions of individuals at heightened risk of identity theft and cybercrime. The records, which include login credentials from major technology platforms such as Microsoft, Google, Apple, Facebook, PayPal, and Netflix, were discovered on an unsecured Elasticsearch server.

Cybersecurity researcher Jeremiah Fowler uncovered the exposed database and promptly reported it to Website Planet. The hosting provider, World Host Group, swiftly took the database offline after receiving the alert. Despite the rapid response, it remains unknown how long the database was publicly accessible or whether it had already been accessed or downloaded by malicious actors prior to its removal.

Fowler described the database as entirely unprotected—lacking both password authentication and encryption—and revealed that it contained not only personal credentials for popular platforms but also access details linked to bank accounts, health portals, and government services. Among the affected were more than 220 government-affiliated email addresses from at least 29 countries, including the United States, the United Kingdom, and China.

World Host Group CEO Seb de Lemos confirmed that the database resided on an unmanaged, client-controlled server. While the company declined to reveal details about the customer responsible for the data, de Lemos stated that their legal team is working with law enforcement authorities to investigate the matter.

Fowler emphasized that while the data appears consistent with information harvested through infostealer malware, there is currently no confirmed evidence of internal system compromise or misuse of the exposed data. He clarified that his research was conducted purely for public awareness and educational purposes and does not constitute official verification of a data breach.

The discovery comes amid a sharp rise in infostealer malware activity worldwide. IBM’s 2025 X-Force Threat Intelligence Index reported an 84% increase in phishing emails used to distribute infostealers during 2024. Similarly, Check Point’s 2025 Cybersecurity Report noted a 58% rise in infostealer-based attacks, many of which specifically target corporate systems. The report also estimated that over 10 million stolen infostealer logs are actively circulating in underground marketplaces.

Experts warn that the exposure of 184 million records reflects the growing scope of credential harvesting operations and the vulnerabilities of unsecured cloud environments. Such data can be exploited to gain unauthorized access to personal and organizational systems, potentially leading to identity fraud, financial theft, and large-scale data breaches.

Cybersecurity professionals advise all users to implement strong, unique passwords across platforms, enable multi-factor authentication where possible, and monitor accounts for unusual activity. As attackers continue to refine their methods, these protective measures are increasingly essential for mitigating the risk posed by data exposure on such a massive scale.