JAKARTA - The world of cyber security was surprised by the discovery of a large unprotected database, which exposed about 149.4 million unique login data from various popular world services. This giant data leak was first discovered by security researcher Jeremiah Fowler and his report has been shared with ExpressVPN.
The 96GB data was found in a raw state without any encryption or password protection at all, so anyone who finds the database can access the usernames and passwords of millions of people from various platforms such as Gmail, Facebook, Instagram, TikTok, and financial services such as Binance.
The scale of the leak is very worrying because it covers various sectors of users' digital lives around the world. From the category of email providers, it is recorded that there are 48 million Gmail accounts that are exposed, followed by 4 million Yahoo accounts, 1.5 million Outlook accounts, and 900,000 iCloud accounts.
If it is assumed that each leaked account has an average economic value or loss risk of at least 10 US dollars or around Rp. 167,560 due to the potential for identity theft, then the total material loss risk from all of these leaked accounts could theoretically reach more than 1.49 billion US dollars or equivalent to Rp. 24.9 trillion. This figure illustrates how massive the threat faced by users if their data is misused for cybercriminal acts.
The entertainment and social media sectors also contributed significantly to the number of leaks, with 17 million Facebook accounts, 6.5 million Instagram accounts, 780,000 TikTok accounts, and 3.4 million Netflix accounts identified in the database.
In fact, adult subscription services such as OnlyFans recorded 100,000 leaked data, while the financial sector recorded 420,000 compromised Binance accounts. The most worrying thing for the stability of state security is the discovery of a number of credentials related to ".gov" domains from various countries, which can be used by hackers to carry out impersonation, high-level phishing attacks, or digital espionage.
Until now, it is not known for sure who the owner or manager of the unprotected database is, but the impact is expected to be felt in the long term. Security experts advise all users of the services mentioned to immediately change their passwords and enable two-factor authentication (2FA) as a preventive measure.
This incident is a stark reminder for digital service providers and big data managers about how fatal it is to neglect to maintain the integrity of user data, which is now on the verge of being exploited by malicious actors in cyberspace.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
