Open database, open door for criminals
A huge data leak has shaken the internet: Over 184 million login details - including email addresses, passwords, social media logins and even bank details - were lying around unprotected on the web. US cybersecurity expert Jeremiah Fowler came across the explosive database and reported it immediately. The hosting provider quickly shut down access - but by then the damage had already been done.
What is particularly alarming is that the data presumably originates from so-called InfoStealer malware attacks. These malware programs search compromised devices specifically for stored access data - and automatically upload it to central databases. These then often end up on the darknet or, as in this case, openly and freely accessible on the internet.
Danger for everyone - not just for technology amateurs
The accounts affected range from everyday services such as Microsoft Office, Facebook or Instagram to sensitive financial accounts. What is particularly insidious is that even those who think they are safe could be affected without knowing it. This is because the database contains information that is sometimes years old and sometimes up-to-date - and many users reuse passwords over the years.
Facebook has once again become the target of a major leak. It is unclear how many users are affected - but one thing is clear: global fraud attempts are only a matter of time.
Criminals could use the data to send targeted phishing emails, hijack accounts or even carry out bank transactions.
Act now: How to protect yourself against digital identity theft
Cybersecurity experts urgently recommend taking immediate protective measures - not just in case of suspicion, but as a precaution:
- Change passwords - and do so regularly.
- Never use the same password for several services.
- Activate two-factor authentication wherever possible.
- Use a password manager - for strong and unique logins.
- Check whether your own data is affected - e.g. at haveibeenpwned.com
Many platforms also offer security checks or report unusual activities - it may be worth taking a look at your account settings.
The problem lies not only in the database - but in the system.
As long as companies are sloppy with user data and regulations are barely effective, we will continue to see leaks like this. And to be honest, the fact that over 184 million data records were publicly available is an embarrassment for digital responsibility in the 21st century.
Data protection must not be a by-product. Anyone who collects data must also damn well protect it. And better than before. Because when millions of user data are openly available online, it's not a technical oversight - it's gross negligence.
As long as digital security remains voluntary, the consequences will remain the same - but not for the perpetrators, but for the users. And that is the real scandal.
