- Select a language for the TTS:
- UK English Female
- UK English Male
- US English Female
- US English Male
- Australian Female
- Australian Male
- Language selected: (auto detect) - EN
Play all audios:
Facebook and email users urged to change passwords after massive data breach uncoveredCybersecurity experts have confirmed that a data breach has exposed millions of users' login
credentials.CommentsLifestyleDavid Snelling and Eilidh Farquhar Trainee Affiliates Writer10:27, 29 May 2025Millions of social media login credentials have been leaked through a data
breach.(Image: Matt Cardy/Getty Images) Millions of people have been placed on high alert after reports that a data breach has taken place over many popular social media apps and emails.
Anyone that has an email account or uses apps such as Facebook, Snapchat and Instagram are being urged to change their passwords due to the new risk.
Cybersecurity experts have confirmed the massive data leak has exposed a staggering 180million unique login credentials across a multitude of sites. Leaked details include social media,
gaming and email passwords.
It is thought that the three major technology companies - Google, Meta and Microsoft - have been exposed to the sudden breach, leaving millions of accounts at risk of attack. While it is
unclear who else has seen the data, it is important that account users don't become complacent.
Cybersecurity researcher Jeremiah Fowler made the discovery as he said he found an unsecured database containing over 184million unique login credentials, reports the Express.
Millions of people are being urged to change their passwords.(Image: Getty Images) Fowler explained: "The publicly exposed database was not password-protected or encrypted.
Article continues below "It contained 184,162,718 unique logins and passwords, totalling a massive 47.42 GB of raw credential data. In a limited sampling of the exposed documents, I saw
thousands of files that included emails, usernames, passwords, and the URL links to the login or authorisation for the accounts.
"The database contained login and password credentials for a wide range of services, applications, and accounts, including email providers, Microsoft products, Facebook, Instagram, Snapchat,
Roblox, and many more."
The database has since been removed from public view, but these worrying numbers mean it is crucial that everyone checks their existing passwords and consider making some vital changes.
Once a hacker has both your username and password, it will be easy for them to start hacking into other accounts and stealing your personal data. In order to ward off cyber crooks, making
a quick change to your passwords will instantly make it harder for criminals to access your accounts.
Once hackers have your login details it's very easy for them to hack into other accounts and steal personal data.(Image: Getty Images) Additionally, people may want to consider setting up
two-factor authentication on their accounts. This extra measure means that no one will be able to log into your social media or email without a passcode being sent to a seperate device.
Speaking about the latest breach, the team at Malwarebytes said: "There is no way to tell whether anyone else found the exposed database before it was removed from public access. However,
the exposure of such a massive dataset should serve as a wake-up call."
Security experts have also issued five top tips on how to protect your accounts from prospective hackers and scams.
Latest scam storiesFive word scam that can empty bankClass action suit against M&S hackersAndroid scamEmail scamsFive top tips to protect your accounts • Change your passwords regularly,
and don’t reuse them across multiple accounts. Use unique, complex passwords for every service.
• Enable two-factor authentication (2FA) wherever possible. This makes it harder for criminals to take over your account.
• Regularly audit and clean your email inbox of sensitive documents and old passwords. Jeremiah pointed out that "people unknowingly treat their email accounts like free cloud storage and
keep years’ worth of sensitive documents, such as tax forms, medical records, contracts, and passwords without considering how sensitive they are."
Article continues below • Use an up-to-date and active anti-malware solution that can detect and remove infostealer malware.
• Be careful about what you download and educate yourself on recognizing phishing emails, as these remain the most common infection vectors.
Join the Daily Record WhatsApp community! Get the latest news sent straight to your messages by joining our WhatsApp community today.
You'll receive daily updates on breaking news as well as the top headlines across Scotland.
No one will be able to see who is signed up and no one can send messages except the Daily Record team.
All you have to do is click here if you're on mobile, select 'Join Community' and you're in!
If you're on a desktop, simply scan the QR code above with your phone and click 'Join Community'.
We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don’t like our community, you can check out any time you like.
To leave our community click on the name at the top of your screen and choose 'exit group'.
If you’re curious, you can read our Privacy Notice.
