[Yesterday (June 9), Lithuanian privacy service provider NordLocker announced in a blog post and report that about 1.2 terabytes of data stolen from 3.2 million infected Windows PCs was found online by researchers.)

The data included login credentials for Amazon, Apple, eBay, Facebook, Google, Instagram, Netflix, Paypal, Roblox, Steam, Twitch, Twitter, and other widely used services ( email addresses and passwords) for widely used services included 26 million sets.

The stolen credentials included 1.1 million unique email addresses, and you can check to see if your email address is among them at HaveIBeenPwned.com.

There were also 2 billion session cookies. These are strings of data that are stored in your browser and keep you logged into an online service for weeks or months after your computer is rebooted.

About 22 percent of the session cookies were still active, meaning that anyone could break into an online account and use them to read email, play games, post on Facebook, or check the amount in their bank account.

"Hackers may not be able to empty your bank account with cookies stolen from your online banking session, but they can still learn your bank name and the time stamps of your transactions," says Oliver Noble, a security expert at NordLocker.

The cloud storage provider hosting the stolen data was notified of the database contents and the data was taken offline.

Much of the data was stolen from web browsers that store user passwords. While it may be convenient to have the browser store passwords and automatically enter them when needed, it is safer to use the best password managers, as they are not as easily hacked as browsers.

"Some of this data is very alarming for people who use the autofill feature of their browsers," Noble said. 'While this feature is very convenient and saves time, it is not malware-proof and carries with it a significant security risk.'

The data was apparently stolen by an unnamed Trojan horse embedded in "cracked" versions of Photoshop and games available online. once on the PC, the malware steals browser data and then searches the user's downloads folder and documents folders, took screenshots, and even used the PC's webcam, if available, to take pictures of the user.

About 1 million images, 3 million text files (many of them system logs), and 650,000 Word and PDF files were also part of it, NordLocker said. Each infected PC was assigned a unique ID so that the stolen data could be better sorted and categorized.

Judging from the screenshots, the researchers (NordLocker did not reveal who they were working for) believed the information theft campaign was active between 2018 and 2020.

To avoid falling victim to this type of attack, use some of the best Windows 10 antivirus software to stop malware before it infects your PC. Do not download cracked software or product license key generators.

Log out of Facebook, Gmail, Twitter, and other services every few weeks, clear your session cookies, and start fresh. Also, as mentioned above, use a stand-alone password manager, not a browser, to store passwords.