At least 900 websites built with Google’s Firebase, a cloud database, have been misconfigured, leaving credentials, personal info, and other sensitive data inadvertently exposed to the public internet, according to security researchers. Among these websites, it’s estimated that at least 125 million user records were found to be publicly accessible, including billing information and plaintext passwords.

Source: The Register