Massive Data Leak Hits Instagram, Facebook, Snapchat, and More, As 184 Million Logins Get Exposed

On May 27, 2025, cybersecurity researcher Jeremiah Fowler uncovered an unsecured database containing over 184 million unique login credentials. The exposed data includes emails, passwords, and authorization URLs from platforms such as Instagram, Roblox, Facebook, Snapchat, and various others .

Fowler attributes the breach to infostealer malware, malicious software designed to extract sensitive information from infected devices. These infostealers infiltrate systems through phishing emails, malicious websites, or bundled with cracked software, silently harvesting credentials stored in browsers, email clients, messaging apps, and even crypto wallets.

Also read: Meta’s Open Source AI Is Contributing to Economic Growth, Study Finds

The database, totaling 47.42 GB, was publicly accessible without encryption or password protection. It contained login credentials for a wide range of services, including email providers, Microsoft products, and various social media platforms .

Although the hosting provider has since removed the database from public view, the scale of the breach underscores the pervasive threat of infostealer malware. Each infected device can yield dozens or hundreds of credential sets, amplifying the potential for identity theft and unauthorized access to personal accounts.

Users are urged to change their passwords regularly, avoid reusing them across multiple accounts, and enable two-factor authentication wherever possible. Regularly auditing and cleaning email inboxes of sensitive documents can also mitigate risks associated with such breaches.