14 Million Internet Cookies From UK Consumers Leaked

Over 14 million internet browser cookies linked to UK consumers have been leaked onto the dark web. A recent study from NordVPN revealed the leak. This disclosure is part of a larger global issue, with more than 54 billion cookies found leaked worldwide, impacting users in 244 countries.

Internet cookies are small data files stored on users’ devices to enhance the online browsing experience. While they facilitate smoother website navigation by remembering user preferences and previous sessions, cookies have also emerged as potent tools for cybercriminals aiming to steal data and accounts.

The leak's extent is particularly alarming in the UK, where 56% of the cookies were found to be active, significantly higher than the global average of 17%. Active cookies are those that can still track user activity on the internet, posing a more substantial risk of cybercriminals gaining unauthorized access to sensitive information.

NordVPN's analysis identified that the leaked cookies contain a wide array of personal information, from basic identifiers like names and emails to more detailed data on users' locations, behaviors, and preferences. Some even contained login details, or authentication data that would let a threat actor completely bypass the login and MFA process. This treasure trove of data could potentially enable cybercriminals to execute sophisticated scams, fraud, and more.

It pinpointed the source of the breach to a variety of malware, with up to 12 different types implicated in the cookie theft. Remarkably, nearly 57% of these cookies were harvested using the malware Redline, a notorious infostealer and keylogger.

According to the report, around 2.5 billion of the total 54 billion cookies found on the dark web originated from Google, with YouTube contributing 692 million, Microsoft 658 million, Bing 573 million, MSN 318 million, and Amazon 275 million.

Cybersecurity experts, including NordVPN’s advisor Adrianus Warmenhoven, underscore the critical need for digital vigilance in the wake of this breach. Warmenhoven advises consumers to adopt safer online practices, such as regularly clearing cookies and scrutinizing file downloads. He also recommends employing cybersecurity tools like VPNs to further bolster defenses against such threats.