Welcome to ZisNews!

Read your favorite news, except the excluded topics, by you. Register
No overlapping ads for registered users

Massive breach exposes 149 million Instagram, Gmail, OnlyFans passwords: How to stay safe?

Posted on: Jan 24, 2026 14:00 IST | Posted by: Livemint
Massive breach exposes 149 million Instagram, Gmail, OnlyFans passwords: How to stay safe?

A monumental cybersecurity incident has been uncovered where 149 billion unique logins and passwords were open. All the same, this was non part of some nefarious plan by a hacker, but a cybersecurity researcher found 149,404,754 unique logins and passwords, totaling around 96 GB of raw credential data, left completely open without password protection or encryption, making it accessible to anyone who knew where to look.

The leak was uncovered by cybersecurity researcher Jeremiah Fowler, who shared his findings via ExpressVPN.

Which apps were affected in the data leak?

Fowler found that the exposed records included usernames and passwords spanning across almost every major online service imaginable. Among the affected services were social media platforms like Facebook, Instagram, TikTok and X (formerly Twitter), dating sites and OnlyFans accounts.

The leak also exposed a large number of streaming and entertainment accounts, including Netflix, HBO Max, Disney Plus, and Roblox, along with financial services accounts, crypto wallets, banking logins, and even credentials associated with government (.gov) domains.

Here's a complete list of everything that was affected:

Email Accounts: Fowler estimates around 48 million Gmail accounts, 4 million Yahoo accounts, and 1.5 million Outlook accounts were found in the leak.

Social Media: The database contained logins for 17 million Facebook accounts, 6.5 million Instagram accounts, 780k TikTok accounts, and numerous X credentials.

Entertainment: Around 3.4 million Netflix account credentials were exposed in the leak. Other entertainment services hit include HBO Max, Disney Plus, and Roblox. However, the researcher didn't share exact data on the number of accounts compromised.

Financial & Gov: The leak included around 420k Binance accounts, banking logins, and even government credentials (.gov domains) from multiple countries.

How was the data leaked?

Fowler says that the database appeared to have been created by ‘infostealer’ malware, which is a type of malicious software that is designed to silently infect devices and harvest credentials.

“When data is collected, stolen, or harvested it must be stored somewhere and a cloud-based repository is usually the best solution. This discovery also shows that even cybercriminals are not immune to data breaches,” Fowler noted in his report.

Is the stolen data still online?

Fowler said that he had reported the database to the hosting provider, but it took them a month before the hosting was suspended and millions of stolen credentials were no longer accessible. He says the hosting provider would not disclose any additional information regarding who managed the database, and it is not even certain if the information was gathered for legitimate research purposes or for criminal activity.

During the month-long period that the hosting wasn't suspended, Fowler said that the number of records actually increased, which suggests that the malware was feeding new stolen data into the repository.

What can you do to stay protected?

Fowler says simply changing your passwords might not be enough to protect you from infostealer malware. He says if your device is infected with malware, any new password you type will also be captured.

He suggests a few ways to protect yourself online:

1) Scan for Malware

Fowler says that malware spreads through malicious email attachments, fake software updates, compromised browser extensions, and even deceptive advertisements.

He suggests taking a few immediate actions if you suspect your device to be affected by malware:

Install antivirus software if you don't have it and run a full scan to remove anything flagged as malicious or suspicious.

On your mobile, update the operating system and security software to the latest version. Additionally, also check your app permissions by going to settings to see which apps have access to your keyboard settings, accessibility, and device admin settings.

2) Use a password manager:

Fowler says using a password manager can reduce some of the basic risks posed by infostealer malware and keyloggers. They can encrypt user data and prevent simple keyloggers from capturing typed passwords.

3) Two-factor authentication:

The researcher advises enabling two-factor authentication or biometric protections to add an additional verification step for preventing unauthorized access to accounts by criminals using compromised passwords.

4) Don't reuse passwords:

Fowler says that passwords should not be reused across different sites, apps, or services.

Lenovo Product

Global News Perspectives

In today's interconnected world, staying informed about global events is more important than ever. ZisNews provides news coverage from multiple countries, allowing you to compare how different regions report on the same stories. This unique approach helps you gain a broader and more balanced understanding of international affairs. Whether it's politics, business, technology, or cultural trends, ZisNews ensures that you get a well-rounded perspective rather than a one-sided view. Expand your knowledge and see how global narratives unfold from different angles.

Customizable News Feed

At ZisNews, we understand that not every news story interests everyone. That's why we offer a customizable news feed, allowing you to control what you see. By adding keywords, you can filter out unwanted news, blocking articles that contain specific words in their titles or descriptions. This feature enables you to create a personalized experience where you only receive content that aligns with your interests. Register today to take full advantage of this functionality and enjoy a distraction-free news feed.

Like or Comment on News

Stay engaged with the news by interacting with stories that matter to you. Like or dislike articles based on your opinion, and share your thoughts in the comments section. Join discussions, see what others are saying, and be a part of an informed community that values meaningful conversations.

Download the Android App

For a seamless news experience, download the ZisNews Android app. Get instant notifications based on your selected categories and stay updated on breaking news. The app also allows you to block unwanted news, ensuring that you only receive content that aligns with your preferences. Stay connected anytime, anywhere.

Diverse News Categories

With ZisNews, you can explore a wide range of topics, ensuring that you never miss important developments. From Technology and Science to Sports, Politics, and Entertainment, we bring you the latest updates from the world's most trusted sources. Whether you are interested in groundbreaking scientific discoveries, tech innovations, or major sports events, our platform keeps you updated in real-time. Our carefully curated news selection helps you stay ahead, providing accurate and relevant stories tailored to diverse interests.

Login to Like (0) Login to Dislike (0)

Login to comment.

No comments yet.

Category News

Technology Entertainment Sports Science World

Country News

India USA Canada France China Russia Italy
Total Requests: 12315 | Unique IPs: 63507

© 2026 ZisNews. All rights reserved.