If you’ve been ignoring those pesky "suspicious login" alerts in your inbox, now might be the time to pay attention.
Cybersecurity researcher Jeremiah Fowler recently discovered an unprotected online database exposing over 184 million records — including email addresses, passwords and login links — stored in plain text. The leaked data is tied to major platforms like Apple, Google, Facebook, Microsoft and even government and financial services.
“As far as the risk factor here, this is way bigger than most of the stuff I find, because this is direct access into individual accounts,” Fowler told Wired. “This is a cybercriminal’s dream working list.”
The breach could fuel fraud, identity theft and more. So while data leaks might feel like background noise these days, ignoring this one could come back to bite — especially if your Netflix password doubles as your online banking login. Here’s some smart steps you can take to keep your information safe.
Don’t miss
- I’m 49 years old and have nothing saved for retirement — what should I do? Don’t panic. Here are 5 of the easiest ways you can catch up (and fast)
- Gain potential quarterly income through this $1B private real estate fund — even if you’re not a millionaire. Here’s how to get started with as little as $10
- Robert Kiyosaki warns of a ‘Greater Depression’ coming to the US — with millions of Americans going poor. But he says these 2 ‘easy-money’ assets will bring in ‘great wealth’. How to get in now
The cloud comes at a cost
In 2023, data breaches jumped 72% compared to the year before, but the number of victims actually declined to about 353 million, according to The Identity Theft Resource Center (ITRC) 2024 Annual Data Breach Report. But that all changed in 2024. While the number of breaches remained high, the number of people impacted surged by 312% — a dramatic shift driven by mega-breaches that hit not just companies, but their entire digital ecosystems.
As more companies shift to cloud services like AWS, Google Cloud and Microsoft Azure to cut costs, they’re also opening their door to hackers. A recent IBM report found that 82% of data breaches last year involved information stored in the cloud, as reported by the Wall Street Journal.
That kind of exposure can carry a hefty price tag — and recent breaches are showing just how costly a single vulnerability can be. Take crypto exchange Coinbase: on May 11, the company received a ransom email after bad actors bribed overseas support agents to steal internal information.
“These insiders abused their access to customer support systems to steal the account data for a small subset of customers,” the company said in a blog post. While the company says it didn’t pay, the breach could cost up to $400 million to fix.
Read more: Want an extra $1,300,000 when you retire? Dave Ramsey says this 7-step plan ‘works every single time’ to kill debt, get rich in America — and that ‘anyone’ can do it
Protecting yourself
Protecting your personal information online doesn’t require a tech degree — but it does take intention.
“This is perhaps a kick in the pants for some people who’ve been a little bit lax in doing some of the things we talk about,” said Teresa Murray of the U.S. Public Interest Research Group.
Murray suggests changing your passwords now and says one of the easiest things you can do is regularly update your passwords — and never reuse the same one (or even a similar one) across multiple sites. Your primary email and financial accounts should have strong, unique passwords that aren’t used anywhere else.
Murray also recommends freezing your credit files with all three major credit bureaus — Equifax, Experian and TransUnion — and leaving them frozen until you need to make a major purchase. This won’t affect your credit score, but it will make it much harder for criminals to open new accounts in your name.
Another step you can take is to enable multi-factor authentication (MFA) wherever it’s available. This adds an extra layer of protection, even if a hacker does get their hands on your login credentials. You can also use free tools like Google’s Password Checkup to see if your information has been compromised in a breach. If it has, update your login credentials as soon as possible.
Finally, sign up for transaction alerts from your credit card provider and make sure your contact details are up to date. When it comes to cybersecurity, vigilance really does pay.
What to read next
- JPMorgan sees gold soaring to $6,000/ounce — use this 1 simple IRA trick to lock in those potential shiny gains (before it’s too late)
- This is how American car dealers use the ‘4-square method’ to make big profits off you — and how you can ensure you pay a fair price for all your vehicle costs
- Here are 5 ‘must have’ items that Americans (almost) always overpay for — and very quickly regret. How many are hurting you?
Like what you read? Join 200,000+ readers and get the best of Moneywise straight to your inbox every week. Subscribe for free.
This article provides information only and should not be construed as advice. It is provided without warranty of any kind.
