Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: elasticsearch (1 article)Clear

Exposed database leaks 24 billion stolen credentials from infostealer logs

Cybernews researchers found an unprotected Elasticsearch database holding 24 billion records and over 8 terabytes of data, most of it infostealer logs: stolen usernames, passwords, and the services they unlock. The collection also pulls from Telegram channels and older breach dumps. Oddly, it included thousands of records tracking CVE vulnerabilities, breach news articles, and social-media posts about cyber incidents, with content as recent as 2026, suggesting the owner is actively curating and refreshing the stash with new leaks. The researchers could not determine how many records are duplicates, how old the data is, or who owns it.

Check
Check whether your email or domains appear in breach-tracking services, watch for credential-stuffing and account-takeover attempts, and look for infostealer infections on endpoints that could feed such collections.
Affected
Anyone whose credentials were captured by infostealer malware or exposed in past breaches; reused passwords are especially dangerous given the dataset's scale and the attacker's apparent effort to keep it current.
Fix
Reset reused passwords from clean devices, adopt a password manager with unique passwords, enable phishing-resistant MFA everywhere, and run endpoint scans to find and remove infostealer infections at the source.