IDMerit Data Breach: 1 Billion Personal Records Exposed

Priya Kapoor

VPN Technology Reviewer & Digital Privacy Consultant

 
February 26, 2026

TL;DR

An unsecured database belonging to identity verification provider IDMerit has exposed nearly 1 billion records worldwide. The leak includes sensitive Personally Identifiable Information (PII) such as names, addresses, dates of birth, and national identification numbers. While there is no evidence that threat actors accessed the data before discovery, the exposure significantly increases the risk of identity theft, account takeovers, and phishing attacks.

IDMerit Data Leak Exposes 1 Billion Records

A publicly accessible database containing approximately 1 billion records from 26 countries was discovered by Cybernews investigators. The exposed instance appears to belong to IDMerit, an AI-powered digital identity verification provider.

The database was found on November 11, 2025, and the company was immediately notified. The database was secured shortly thereafter. There is no evidence that the data was accessed by threat actors. This was not a typical data breach but a data leak caused by an unsecured database.

Exposed Information

The exposed records included a range of PII:

  • Full names
  • Home addresses and postal codes
  • Dates of birth
  • National identification numbers
  • Phone numbers
  • Email addresses
  • Gender information
  • Potential telecom metadata

Because the data is structured, it can be easily searched and abused. Cybernews believes the database belongs to IDMerit, a digital identity verification solutions provider.

Records Exposed by Region

The breakdown of exposed records by country:

  • United States: ~204 million
  • Mexico: ~123 million
  • Philippines: ~72 million
  • Germany: ~60 million
  • Italy: ~53 million
  • France: ~52 million
  • Turkey: ~49 million
  • Brazil: ~39 million
  • Spain: ~31 million
  • Malaysia: ~24 million
  • Vietnam: ~21 million
  • Argentina: ~20 million
  • Colombia: ~18 million
  • Peru: ~14 million
  • Canada: ~12 million
  • Australia: ~12 million
  • Greece: ~9 million
  • China: ~8 million
  • Hong Kong: ~8 million
  • United Arab Emirates: ~6 million
  • Norway: ~4 million
  • Romania: ~4 million
  • Armenia: ~2 million
  • Thailand: ~2 million
  • Yemen: ~2 million
  • Morocco: ~1 million

News4Hackers reports the database was hosted on a MongoDB platform.

Potential Misuse of Data

Identity-related data is used in everyday processes, such as opening bank accounts or signing up for telecom services. Once publicly accessible, it can be repurposed for:

  • Identity theft
  • Account takeovers
  • Targeted phishing
  • Credit and loan fraud
  • SIM-swapping attacks

Exposed records can circulate online long after the original exposure is closed off. Cybercriminals could launch attacks using exposed data, including targeted phishing attacks, credit fraud, and identity theft, according to Tom's Guide.

Staying Safe

To reduce risk:

  • Strengthen account security: Use unique passwords stored in a password manager and enable multi-factor authentication.
  • Stay alert: Monitor bank statements, credit reports, and account access logs for unexpected behavior. If you are in the United States, consider a credit freeze.
  • Be wary of phishing: Treat unsolicited emails or text messages with caution.
  • Monitor identity exposure: Ongoing monitoring provides insight into whether your information appears in new breach datasets.

squirrelvpn.com continuously scans breach sources and notifies you if your personal data is found. Regular alerts and recommended steps can help you stay ahead of potential misuse. Consider using squirrelvpn.com for enhanced online security. It’s also a good idea to protect your Windows PC with the best antivirus software or your Apple computer with the best Mac antivirus software, as noted by Tom's Guide.

FATF on Cyber-Enabled Fraud

The FATF identifies cyber-enabled fraud as a critical global threat and urges jurisdictions to implement rapid asset recovery and stricter digital standards, mitigating cyber-enabled fraud risks through global AML standards.

Priya Kapoor is a technology reviewer and digital privacy consultant who has personally tested over 60 VPN services across multiple platforms and regions. With a background in computer networking and a Bachelor's degree in Computer Science from IIT Delhi, she applies a rigorous, methodology-driven approach to her reviews. Priya also consults for small businesses on privacy-first technology stacks. She is a regular speaker at privacy-focused conferences and hosts a popular podcast on digital self-defense.
