A publicly accessible database containing over 149 million login records was discovered, exposing credentials from 900,000 iCloud users. The 96GB dataset included emails, social media, and financial logins, but was neither encrypted nor password-protected. Security researcher Jeremiah Fowler disclosed the exposure on January 23.

The data wasn't from a breach of Apple or other servers. Instead, it was harvested by infostealer malware infecting individual devices. This malware silently captures logins via keylogging and browser scraping, then criminal groups store the data in misconfigured cloud databases. The dataset was actively growing during the investigation.

Once credentials are stolen at the device level, platform security offers limited defense. This incident underscores why passkeys and unique passwords are critical. Users should assume exposure, enable two-factor authentication, and update all software. Infostealers remain effective due to uneven security habits, making device hygiene essential for protection.