But because the server wasn’t protected with a password, anyone could find and access the database. Each record contained a user’s unique Facebook ID and the phone number listed on the account.

Apple login credentials were among a massive database of 184 million records found sitting unprotected on a web server.