Massive Credential Leak Exposes Millions of Users

In a recent cybersecurity incident in the **United Kingdom**, hackers published a database containing more than **100 million usernames and passwords** on underground forums. The breach is believed to have originated from a popular e-commerce platform based in London, which suffered a silent compromise several months ago. Security experts say the exposed credentials date back several years but still include active user data.

The leaked credentials have already been used in credential stuffing attacks against UK-based banks, telecom providers, and public sector services. Authorities have warned that the incident may lead to increased fraud and identity theft across the country. The UK's National Cyber Security Centre (NCSC) has urged citizens to change their passwords immediately and activate multi-factor authentication wherever possible.

Investigations are ongoing, but preliminary reports suggest the attackers exploited an unpatched vulnerability in the platform’s outdated authentication system. The company involved has since taken its site offline and is cooperating with law enforcement. Meanwhile, cybersecurity experts are calling this one of the most significant leaks of the year and a wake-up call for companies still neglecting basic security hygiene.

← Back to News