Pakistanโs National Cyber Emergency Response Team (NCERT) has asked all citizens to change their social media and online service passwords after a major global data breach exposed 184 million unique account credentials.
In an advisory released Monday, NCERT said usernames, passwords, emails and URLs linked to major platforms like Google, Microsoft, Apple, Facebook, Instagram and Snapchat were leaked. Accounts from the government, banking and healthcare sectors were also affected.
Infostealer Malware Behind the Leak
The leaked information was reportedly collected through “infostealer malware,”ย a type of harmful software that collects private data from infected devices. NCERT warned that this data was stored in plain text, without encryption. Moreover, it was made publicly available online without any authentication.
NCERT emphasised quick action to reduce risks and secure any affected accounts. They warned that the stolen data could be used in several harmful ways, including credential stuffing account takeovers, identity theft and ransomware attacks.
They also said this breach affects government portals, critical sectors and financial institutions. Patient data and internal business systems are also at risk.
Since the leak requires no special access, it is classified as “Data Breach, Credential Theft and Malware Dump” with a high threat level.
Action Steps and Cyber Safety Measures
NCERT stated, โImmediate action is recommended to mitigate associated risks and to secure systems potentially impacted by this breach.โ
The agency urged everyone to change passwords and enable multi-factor authentication. Moreover, avoid storing passwords in emails or unprotected files.
They also suggested using password managers and tools to check if your data has been leaked. Organisations are advised to rotate passwords regularly. Also, follow the least privilege rule and train staff on phishing and secure practices.
To monitor threats, logging suspicious login attempts and using SIEM tools is encouraged. While there is no patch to fix the leak, protection must come from better password practices and security hygiene.
Stay tuned toย Brandsynario for the latest news and updates