logo

24B Records Exposed in Massive Leak of Emails, Passwords, and Login Data

ID: e24b15a4-e72b-5a83-970e-b36b78876407

STIX ID: report--e24b15a4-e72b-5a83-970e-b36b78876407

Feed Name: TechRepublic Security

Threat Score
85/100

Date Published: 2026-06-18

Date Updated: 2026-06-19

Author: Aminu Abdullahi

...
...

Cybernews researchers discovered a publicly accessible Elasticsearch cluster containing roughly 24 billion records of stolen credentials, primarily infostealer logs and aggregated collections from sources like Telegram channels and breach compilations. The dataset included plaintext usernames, passwords, service URLs, and some security-tracking artifacts; although the cluster was taken offline, the scale raises severe risk due to credential reuse and potential credential stuffing. Users are advised to change reused passwords, enable multi-factor authentication, and use password managers to mitigate account takeover risk.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.