Khaberni - Cybersecurity experts issued an urgent warning to hundreds of millions of email users and social media platforms worldwide after discovering a massive data leak involving approximately 149 million online accounts, with Gmail accounts being the majority.
According to media reports, a huge database containing stolen credential data was recently revealed, including about 48 million Gmail accounts, being the most affected service, followed by Facebook with about 17 million accounts.
The leak also included about 6.5 million Instagram accounts, 4 million Yahoo Mail accounts, 3.4 million Netflix accounts, and 1.5 million Outlook accounts.
The breach extended to include other accounts on various services, including iCloud, university emails (.edu), and platforms like TikTok and OnlyFans, as well as accounts associated with the Binance cryptocurrency platform.
According to cybersecurity researcher Jeremiah Fowler, an exposed database containing 149 million compromised records was detected, and Fowler explained that thousands of files within this database included email addresses, usernames, passwords, as well as login links or account authorizations.
The researcher confirmed that the leaked data was collected from victims around the world, covering a wide range of popular digital services, making the extent and severity of the leak exceptional.
Fowler clarified that the data did not result from a direct hack of major companies' servers but rather from "Infostealer" malware, which steals login data from personal devices infected with viruses, then these data are later compiled into massive databases.
How can you check if your account has been compromised?
According to experts, users are advised to visit the website Have I Been Pwned, enter their email address in the search box, where the site will reveal if the email has appeared in any data leaks over the past ten years.
If the data breach is confirmed, it is recommended to change the password immediately and not reuse it on any other services.
How can you protect your account?
Cybersecurity experts urge users to act immediately in case they suspect their accounts have been compromised, by:
- Changing passwords immediately, especially for accounts linked to email.
- Enabling two-factor authentication (2FA) to increase security levels.
- Updating operating systems on all devices.
- Installing or updating security software and performing a comprehensive scan.
- Reviewing permissions of installed applications and programs and deleting any suspicious software.
- Downloading apps and extensions only from official stores.
Google confirmed that it is aware of reports about the existence of a database containing a wide range of login data, including some Gmail accounts. In a statement, they explained that this data represents a compilation of records from external spyware that stole data from personal devices over a long period.
Google emphasized that it continues to monitor this kind of activity and has automated protection systems that lock affected accounts and force users to reset passwords immediately upon detecting any exposed credentials, as part of its ongoing efforts to protect user accounts from hacking.
