Attackers behind phishing campaign have unintentionally left more than 1,000 stolen credentials available online via simple Google searches, researchers have found. The campaign, which began in August 2020, used e-mails that spoof notifications from Xerox scans to lure victims into clicking on malicious HTML attachments. The attackers stored the stolen credentials in designated webpages on compromised servers. Google constantly indexes the internet, the search engine also indexed these pages, making them available to anyone who queried Google for a stolen email address.
Source: https://threatpost.com/attackers-leave-stolen-credentials-google-searches/163220/