A database containing more than 184 million unique identifiers was recently found accessible online, without any protection. Behind these impressive figures lies access to personal platforms, bank accounts, professional services, and even government addresses.
At Mon Technicien, we explain why this leak is concerning and, above all, what concrete steps you can take to protect your data.
What you need to know
In early May 2025, a researcher discovered a database of over 47 GB on the internet, publicly exposed, without a password or encryption. Among the compromised data was access to Google, Microsoft, Apple, Instagram, Amazon, and accounts linked to healthcare services, crypto wallets, and over 220 .gov addresses.
It is impossible to know for sure where the database came from. It could have been created by malware that stole passwords stored in web browsers.
Why is this a real problem?
Because cybercriminals use this information to:
- Try your passwords on other sites (credential stuffing).
- Impersonate you to send malicious emails.
- Access sensitive resources in professional or institutional environments.
- Personalize their attacks by using an old password as bait.
In short, a leak like this can quickly have significant repercussions… especially if your digital practices are not up to date.
Three concrete steps we recommend
At Mon Technicien, we offer three simple and effective measures that are suitable for all users.
1. Use passphrases, not passwords
Forget complex character strings that are impossible to remember.
Instead, choose a phrase that is easy to remember, long, and unique.
Examples:
TheSunAlwaysRisesInTheEast!I Ate Two Apple Pies in June
Why does it work? Because a passphrase makes your life easier if you want to create different passwords for each site. For example, on your iCloud account, you could use: I ate two apple pies in June on the Netflix website, I ate two pies at the movies in June and on the Disney+ website, I ate two cartoon pies in June
2. Enable multi-factor authentication (MFA)
Even the best password can be stolen. Multi-factor authentication adds an extra layer of security:
A unique code sent to your phone, an app like Microsoft Authenticator, or a physical security key.
Enable MFA as a priority on:
- Your email accounts
- Your work accounts
- Your banking services
- Your cloud hosting platforms
3. Adopt a password manager
A reliable manager allows you to:
- Generate strong, unique phrases or passwords
- Keep them secure
- Access them easily, even on multiple devices
You only need to remember one master password, and the rest is managed for you. It’s simple, convenient, and much more secure than sticky notes or Excel files.
Even if you’re not in the hacked database, these incidents are useful reminders: no account is too small to be targeted, and good digital hygiene protects both your personal and professional data.
By adopting these three best practices today, you’ll significantly reduce your risks:
- 🔐 A strong passphrase
- 🔄 Two-factor authentication
- 🧰 A secure password manager
💡 At Mon Technicien, we believe that cybersecurity is first and foremost a matter of good habits. And that starts now.
Thought of the day
“Good security starts with a bad habit that you give up.”
— Change your passwords. And do it right.
in your taskbar.