Stolen Credentials: Massive Database Exposes 24 Billion Records

On June 12, 2026, cybersecurity researchers uncovered an unprotected, multi-terabyte cloud repository containing a staggering 24 billion stolen credentials, marking one of the most massive aggregations of compromised personal data ever recorded. Discovered by the research team at Cybernews, this colossal database sat completely exposed on a public-facing Elasticsearch cluster, serving as an open library for any threat actor with internet access. The cluster, which weighed in at over 8.3 terabytes of data, remained active and vulnerable before it was successfully secured and taken offline on June 15, 2026. The public details of the exposure formally surfaced on June 17, 2026.

The scale of this exposure goes far beyond a typical corporate data breach. Instead, this repository represents a master compilation of multiple intelligence streams, harvested predominantly through aggressive, malware-driven operations. Because the database arranged credentials in plaintext alongside their matching target login URLs, it effectively laid out a turnkey blueprint for automated account takeovers worldwide. The discovery highlights a worrying trend: the consolidation of decentralized, illicit datasets into centralized, high-performance