Security Researcher Discloses Theft of Over 1.49 Billion Credentials by Malware, Impacting Users of Platforms Such as Gmail, Facebook, and Binance

BlockBeats News, January 26th: Cybersecurity researcher Jeremiah Fowler recently discovered a publicly accessible large-scale database. According to his findings disclosed in a blog post by ExpressVPN, the database contains approximately 149 million records of usernames and passwords from private mobile phones and computers. The services involved in these credentials include Facebook, Instagram, Netflix, and Binance, with at least 420,000 records associated with Binance users.

The leaked data also includes 48 million Gmail accounts, 4 million Yahoo accounts, 17 million Facebook accounts, 6.5 million Instagram accounts, 3.4 million Netflix accounts, 780,000 TikTok accounts, and more.

The researcher also pointed out that the number of credentials related to government-related accounts and .gov domain names is concerning, opening the door to phishing attacks where attackers could impersonate government agencies.

A Binance spokesperson responded to this by stating, "Information stealers are a known form of malware that steal credentials when a user's device is compromised. This data did not come from a Binance leak."