Monday, March 17, 2025

Global IoT Data Leak Exposes 2.7 Billion Records and Wi-Fi Passwords Worldwide


A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials, device information, and user details, raising global concerns over IoT (Internet of Things) security.

Cybersecurity researcher Jeremiah Fowler uncovered this unprotected database, linked to Mars Hydro, a China-based manufacturer of IoT-enabled grow lights and agricultural devices, and disclosed the findings to vpnMentor.

The exposed database, totaling 1.17 TB in size, contained 2,734,819,501 records, including sensitive information such as Wi-Fi network names (SSID), passwords, IP addresses, device IDs, and logs related to connected IoT devices.

Alarmingly, this data was stored in plain text with no encryption, making it vulnerable to unauthorized access and potential exploitation.

Details of the Breach

The leaked data was traced to Mars Hydro and its affiliated company, LG-LED SOLUTIONS LIMITED, registered in California.


The database also included API details, device operating system information (e.g., iOS, Android), and error logs referencing Mars Hydro’s products and its related control application, Mars Pro.

Despite Mars Hydro’s claim that its official app collects no user data, the logs revealed connectivity details and user credentials, likely captured by the IoT devices themselves.

Fowler noted that the exposure carries risks such as unauthorized network access and the potential for advanced cyberattacks.

For instance, exposed SSID credentials could allow attackers to access private Wi-Fi networks, intercept data, or even exploit connected devices for malicious purposes.

Mars Hydro restricted public access to the database shortly after Fowler reported the issue.

However, key questions remain unanswered, such as how long the database was exposed and whether other parties accessed the data before it was secured.

This incident highlights the growing vulnerabilities in IoT ecosystems. According to a Palo Alto Networks report, 57% of IoT devices are highly vulnerable, with 98% transmitting unencrypted data.

Many IoT devices also rely on outdated software, default passwords, or lack authentication entirely, exacerbating security threats.

This screenshot shows how files were collected and stored by date and type.

Fowler emphasized the risk of data breaches like this being exploited for “nearest neighbor attacks,” where hackers infiltrate nearby networks via exposed Wi-Fi credentials.

Such vulnerabilities could facilitate surveillance, man-in-the-middle (MITM) attacks, or manipulation of IoT devices to disrupt operations.

Experts urge IoT manufacturers to prioritize security by encrypting sensitive data, conducting regular security audits, and implementing robust authentication mechanisms.

Developers should also avoid logging sensitive user information in plain text and restrict access to cloud storage repositories.
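One way to keep Wi-Fi credentials out of application logs, shown as an added example that is not code from Mars Hydro or from the original report: a Python `logging` filter that redacts secret fields before any handler writes them. The key names in `SECRET_KEYS`, the logger name and the sample log events are assumptions constructed for illustration.

```python
import logging
import re

# Field names treated as secret; this list is an assumption for the sketch.
SECRET_KEYS = {"password", "passwd", "psk", "wifi_password", "token"}
_KEYS = "|".join(sorted(SECRET_KEYS, key=len, reverse=True))
# Matches key=value and "key": "value" pairs inside free-text messages.
_PAIR = re.compile(
    r"""(?i)(["']?(?:""" + _KEYS +
    r""")\b["']?\s*[:=]\s*)("[^"]*"|'[^']*'|[^\s,;}]+)"""
)

def scrub(value):
    """Return value with secrets replaced, recursing into dicts and lists."""
    if isinstance(value, dict):
        return {k: "[REDACTED]" if str(k).lower() in SECRET_KEYS else scrub(v)
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return type(value)(scrub(v) for v in value)
    if isinstance(value, str):
        return _PAIR.sub(lambda m: m.group(1) + "[REDACTED]", value)
    return value

class RedactSecrets(logging.Filter):
    """Scrub the message and its arguments before any handler sees them."""
    def filter(self, record):
        record.msg = scrub(record.msg)
        if record.args:
            record.args = scrub(record.args)
        return True

def demo():
    """Log constructed sample events and return what a handler would write."""
    out = []
    handler = logging.Handler()
    handler.emit = lambda r: out.append(r.getMessage())
    log = logging.getLogger("iot-demo")
    log.handlers, log.propagate = [handler], False
    log.setLevel(logging.INFO)
    log.addFilter(RedactSecrets())
    log.info("join ssid=GrowRoom password=hunter2 ip=192.0.2.10")
    log.info("cfg %s", {"ssid": "GrowRoom", "psk": "s3cret pass"})
    return out
```

Redaction at the logger is a backstop: the log store itself still needs authentication and encryption at rest, since SSIDs, IP addresses and device IDs remain in the records.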

While Mars Hydro and its affiliates have not faced misconduct allegations, this breach underscores the critical need for heightened data protection standards in the rapidly expanding IoT landscape.

For users, adopting strong passwords and securing IoT devices remains paramount to safeguarding privacy and preventing cyberattacks.


Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
