A strong password is POINTLESS if you were included in latest Dark Web leak, security expert warns

a hand is seen typing on a keyboard with bright red computer code bleeding out from the screen

All products are independently selected by our experts. To help us provide free impartial advice, we will earn an affiliate commission if you buy something. Click here to learn more

Aaron Brown

By Aaron Brown

Published: 12/04/2024

- 06:30

Updated: 12/04/2024

- 09:06

Millions of cookies containing usernames, passwords, location data, and much more, have surfaced on the Dark Web

If you're unlucky enough to be tangled up in the latest Dark Web leak, all your passwords are now useless.

That's the terrifying warning issued by a security expert at NordVPN, who revealed that millions of cookies have surfaced on the Dark Web, with hackers leveraging these small files to bypass passwords. Cybersecurity firm NordVPN, which specialises in VPNs, password managers, and encrypted cloud storage, has revealed that 54 billion cookies have been leaked to the Dark Web, with 14 million from the UK alone.

Cookies are an essential tool when browsing online. These small files are packed with information so websites can remember details on your last visit. If you've ever launched a website and found you're still logged into your account, your postcode has been saved, or there are items in your shopping basket ...that's all thanks to cookies saved on your phone, tablet, laptop, or desktop PC from your previous visit.

a screenshot from nordpass showing the dark web monitoring

Cybersecurity firm Nord will scour the Dark Web for leaked records, including cookies, that could be used to break into your online accounts


If an active cookie is leaked, it can be used by hackers to access your account without entering a username or password. Worse still, cookies can include details including people's names, age, gender, current location, sexual orientation and size.

Of the 54 billion leaked cookies discovered on the Dark Web, only 17% (roughly nine billion) were active — but that figure skyrocketed to 56% when UK cookies were analysed. The UK had the second-highest number of active cookies in the stolen database globally, behind just North Korea.

Cybersecurity advisor at NordVPN, Adrianus Warmenhoven cautioned: “Millions of websites are able to convince browsers that accepting all cookies is essential to getting the most out of your experience and that it’s much less hassle to simply click ‘Accept’. However, you might not know what you’re agreeing to.

“There is a real danger that many don’t realise that if a hacker gets hold of your active cookies, they might not need to know any logins, passwords, and even MFA to overtake your accounts.

"It’s important to understand that the cookie setup is necessary. There is no other way for a device to know which user operates it. Without cookies, the server cannot verify the user.

“However, if this cookie is stolen and is still active, an attacker can potentially login into your account without having your password or needing MFA [Multi-Factor Authentication].

"In addition, cookies can also hold other sensitive information, such as people’s names, location, sexual orientation and even your appearance. Cookies can gather all manner of details to give a very intimate picture of the user, which ultimately leads to scammers being able to create well-targeted attacks."

Scouring the Dark Web database, NordVPN discovered 2.5 billion stolen cookies were from Google, with another 692 million from YouTube, and over 500 million from Microsoft and its Bing search engine.

There were 154 million authentication and 37 million login cookies.

Fortunately, there are some steps that you can take to protect yourself from leaked cookies. NordVPN's Adrianus Warmenhoven says: "While there’s no magic cookie jar to keep them locked up tight, there are some digital hygiene tips to be aware of.

"It’s a good idea to regularly delete cookies to minimise available data that can be stolen. Also, be aware of files you download and websites you visit — being vigilant can minimise your risk.

“Accepting cookies on untrustworthy websites presents a much greater risk than on secure websites, so checking the website security, or using tools such as NordVPN’s Threat Protection can also help.

“These tools help to block malicious sites, check downloads for malware, and block trackers, better protecting the user from data gathering and theft. Dark Web Monitoring can also help alert the user in the event the data does get stolen, allowing a person to take action before further harm can be caused.”


While active cookies pose the greatest danger — since these can enable hackers to take up where you left off in your online account — the inactive ones can still present a threat to user privacy. The stored information can also be used by hackers in further abuse or manipulation.

NordVPN analysis shows that as many as 12 different types of malware were used to steal billions of cookies. Nearly 57% of the database was collected by Redline, a popular infostealer and keylogger.

You may like