-
-
The National Cyber Emergency Response Team (PKCERT) has issued a high-priority security alert following the discovery of a massive data breach that has impacted major platforms including Google, Microsoft, Facebook, and others.
According to cybersecurity researcher Jeremiah Fowler, a publicly accessible database containing usernames, passwords, emails, URLs, and sensitive account details was discovered online.
The database had no encryption, no password protection, and was openly available, raising serious concerns about user privacy and online safety.
According to the media reports, the breach reportedly exposed over 1.8 billion user records, including 184 million confirmed passwords.
Fowler revealed that the exposed data was likely harvested through infostealer malware, a malicious tool designed to grab login credentials and personal information from infected devices.
The compromised data includes credentials for not only social media platforms but also banking portals, government websites, and health platforms.
After finding the unprotected file, Fowler alerted the hosting provider, who has since removed the file. However, the identity of the file owner remains unknown, leaving open the question of whether the data exposure was accidental or malicious.
In response, PKCERT has urged all internet users in Pakistan to immediately change their passwords, especially for sensitive accounts, and to enable two-factor authentication (2FA).
Users are also advised to avoid clicking on suspicious links and monitor their accounts for unusual activity.
The breach highlights ongoing vulnerabilities in global cybersecurity, as billions of users continue to rely on digital platforms for everyday communication, transactions, and storage.
