Data Breach Summary
A massive data breach has exposed login and password information for at least 184 million user accounts tied to some of the most widely used platforms on the internet—including Apple, Facebook, Gmail, Google, Netflix, Roblox, and more.
Cybersecurity researchers discovered the unprotected database on a server operated by World Host Group, a web service provider with infrastructure tied to more than 2 million websites. The leaked credentials were stored unencrypted and publicly accessible, leaving millions of users vulnerable to identity theft, financial fraud, and unauthorized account access.
In just a small sample of the data analyzed, researchers found:
Credentials for bank accounts, health platforms, and government portals—including .gov emails from 29 countries.
“I saw thousands of files that included emails, usernames, passwords, and the URL links to login or authorize the accounts,” one researcher wrote. These credentials were verified with users, confirming their authenticity.
If you’ve ever used popular platforms like Apple, Gmail, Netflix, Instagram, PayPal, or Discord, your data may be included in this breach. Especially at risk are individuals with reused passwords, no two-factor authentication, or accounts tied to financial or governmental services.
At Class Action U, we believe consumers shouldn’t have to pay the price for corporate negligence. If your information was compromised in this breach, you may be entitled to compensation through a class action lawsuit.
World Host Group has yet to fully explain how such a vast trove of personal data ended up unprotected, or who is responsible. This lack of transparency only deepens the risk for those impacted.
©2024 ClassActionU