Security Alert! Experts reveal 149 million accounts and passwords leaked worldwide, affecting 420,000 Binance accounts.

Security researchers reveal 149 million account credentials leaked worldwide, with over 420,000 involving Binance users. Experts warn of high risks associated with credential stuffing attacks.
(Background: Job interview turns out to be a North Korean hacker trap! PurpleBravo infiltrates over 3,100 IP addresses, with AI and cryptocurrency companies as the main targets)
(Additional background: North Korean hackers set a record in 2025 by stealing $2.02 billion in cryptocurrency, with a money laundering cycle of about 45 days)

Security researcher Jeremiah Fowler recently discovered an unprotected public database exposing approximately 149 million user account and password combinations, totaling up to 96GB of data. The data includes mainstream services such as Gmail, Facebook, Instagram, Netflix, Outlook, iCloud, bank accounts, government services, dating platforms, and Roblox. The incident has quickly attracted significant attention from the global cybersecurity community and serves as a reminder of the importance of endpoint security.

Details of the Database Content

The database was unsecured, without passwords or encryption protections, allowing anyone to access and search it directly. Cybersecurity experts describe it as a “dream list” for criminals. Among the data, about 420,000 credentials are related to the cryptocurrency exchange Binance, raising concerns among some users about asset security. Other leaked credentials come from Gmail (about 48 million), Facebook (about 17 million), and various daily life and financial services, covering a wide range of platforms.

Cybersecurity experts point out that this incident was not due to a breach of exchange systems but was compiled through malware such as Infostealer, which steals data from users’ personal devices (computers, smartphones). These malicious programs often disguise themselves as game cheats, cracked software, or free tools. If users inadvertently download or click on such files, their browser-stored passwords, cookies, autofill data, and more can be stolen, ultimately forming a large credential dataset.

Experts emphasize that the main risk of such incidents is credential stuffing: hackers use leaked usernames and passwords to attempt logins on other platforms. This is especially dangerous when users reuse the same credentials across multiple sites, leading to a chain reaction of account compromises.

Binance Official Recommendations and Protective Measures

In response to the leak, Binance stated that their platform systems have no vulnerabilities. They are currently monitoring dark web activities and will proactively notify affected users to reset their passwords. Binance and security experts strongly recommend users take the following measures:

• Enable multi-factor authentication (MFA/2FA) using hardware security keys or authenticator apps, prioritizing hardware tokens over SMS verification
• Use a password manager to generate and store unique, strong passwords
• Install reputable anti-malware software and perform regular full scans
• Avoid downloading unknown software or clicking suspicious links

This leak of 149 million account credentials once again highlights the importance of endpoint security. Experts advise that, beyond strengthening password management and multi-factor authentication, maintaining vigilance in daily operations—such as avoiding downloads of unknown software or clicking suspicious links—is the most direct and effective way to protect personal accounts and digital assets.