Back to Knowledge Vault

184M Apple and Google Accounts Hacked — Go Offline

The numbers are staggering. The exposure is global. A publicly accessible 47GB ElasticSearch database has exposed over 184 million unique account credentials,…

The numbers are staggering. The exposure is global.

A publicly accessible 47GB ElasticSearch database has exposed over 184 million unique account credentials, including login data tied to Apple ID and Google accounts two of the most widely used digital ecosystems in the world.

Discovered by cybersecurity researcher Jeremiah Fowler, the data included usernames, email addresses, and passwords in plain text — no encryption, no protection, no excuse. The repository was hosted by World Host Group and has since been taken offline, but the damage is already done.

This isn’t just a leak. It’s a mass exposure event.

What was found?

The leaked credentials spanned a wide range of services not just Apple and Google:

Government email addresses across 29 countries, including the UK Logins for platforms like Facebook, Discord, Instagram, Roblox, and Snapchat References to banking and crypto wallets in file names and keywords A high likelihood the dataset was harvested using infostealer malware deployed via phishing campaigns or malicious apps

As Fowler noted, “This isn’t just one platform. It’s digital identity theft on a systemic, industrialised scale.”

This isn’t your fault but it is your risk

Even if you’ve never reused passwords (which most people do), many third-party services have indirect access to your cloud data through tokens, syncing permissions, or app integrations. Once breached, it’s not just your files it’s your entire digital identity at stake.

What to do immediately

Change your passwords now especially for Apple ID, Google, and any reused logins Enable hardware- or app-based 2FA (not SMS) Remove third-party app access from cloud services Monitor your accounts for unusual login activity or phishing attempts

But even then, you’re still online. And what’s online can always be breached.

Firevault: The answer that lives offline

This breach is a reminder that cloud convenience comes at a cost. Encryption helps but only physical disconnection can eliminate the attack surface entirely.

That’s where Firevault™ comes in.

“If there’s no IP address, there’s nothing to find. Firevault keeps your most valuable digital assets completely offline until you choose to access them,” explains Mark Fermor, co-founder of Firevault.

Firevault is the world’s first fully offline digital vault air-gapped, invisible, and identity-locked. No packets. No ports. No exposure.

It’s built for:

Legal files, contracts, and shareholder data Intellectual property, startup IP, and creative works Crypto seed phrases, banking docs, insurance policies Personal documents that simply cannot be replaced

In short: what matters most.

The wake-up call

This is no longer about if your data will be targeted. It’s about how exposed it already is and what you’re doing to take back control.

Encryption isn’t enough. Password managers aren’t enough.

Visit firevault.com to take control before the next breach finds you.

Protect your data. Disconnect to protect. Firevault.

#Cybersecurity #AppleHack #GoogleBreach #Firevault #DataBreach #OfflineSecurity #DigitalSovereignty #DisconnectToProtect

Share this article