Morrow County, Oregon is home to mega farms and food processing plants. But it’s also home to several Amazon data centers. And now, some experts believe, that combination is leading to an alarmingly high concentration of nitrates in the drinking water that is driving up cancer and miscarriage rates in the area.

Rolling Stone’s exposé details how Amazon, despite not using any dangerous nitrates to cool its data centers, is accelerating the contamination of the Lower Umatilla Basin aquifer, which residents rely on for drinking water. It’s a combination of poor wastewater management, sandy soil, and good old physics that has led to nitrate concentrations in drinking water as high as 73 ppm (parts per million) in some wells, which is 10 times the state limit of 7 ppm and seven times the federal limit.

According to Rolling Stone, “experts say Amazon’s arrival supercharged this process. The data centers suck up tens of millions of gallons of water from the aquifer each year to cool their computer equipment, which then gets funneled to the Port’s wastewater system.” The result is that more nitrate-laden wastewater gets pumped onto area farms. But the porous soil saturates quickly and more nitrates make their way into the aquifer.

This is exacerbated when Amazon then pulls this contaminated water, which is already over federal legal limits for nitrates, up to cool its data centers:

When that tainted water moves through the data centers to absorb heat from the server systems, some of the water is evaporated, but the nitrates remain, increasing the concentration. That means that when the polluted water has moved through the data centers and back into the wastewater system, it’s even more contaminated, sometimes averaging as high as 56 ppm, eight times Oregon’s safety limit.

Amazon, of course, disputes this narrative. Spokesperson Lisa Levandowski told Rolling Stone that, the story was “misleading and inaccurate,” and that, “the volume of water our facilities use and return represents only a very small fraction of the overall water system — not enough to have any meaningful impact on water quality.”

Levandowski also said that the area’s groundwater problems “significantly predate AWS’ (Amazon Web Services) presence.” Though, if Amazon was aware of the area’s challenges in securing enough safe drinking water for its residents, it raises questions about why the company hasn’t done more to mitigate its impact or why it even chose Morrow County in the first place.

The rise in nitrates in the drinking water has been linked to a surge in rare cancers and miscarriages. But efforts to limit further contamination and provide residents with safe, clean drinking water have been slow to materialize. The limited scope of the response and the fact that 40 percent of the county’s residents live below the poverty line has drawn comparisons to the crisis in Flint, Michigan. Kristin Ostrom, executive director of Oregon Rural Action (ORA), a water rights advocacy group, told Rolling Stone, “These are people who have no political or economic power, and very little knowledge of the risk.”

If you have not checked your credentials lately, now is the time. 

A staggering 1.3 billion unique passwords and 2 billion unique email addresses surfaced online. This event is one of the largest exposures of stolen logins we have seen.

This is not the result of one major breach. Instead, Synthient, a threat intelligence firm, searched the open and dark web for leaked credentials. You may remember the company from its earlier discovery of 183 million exposed email accounts. This time, the scale is far larger.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

AMERICA’S MOST-USED PASSWORD IN 2025 REVEALED

Where this huge trove came from

Most of the data comes from credential stuffing lists. Criminals pull these lists from old breaches and use them in new attacks. Synthient went further. Its founder Benjamin Brundage gathered stolen logins from hundreds of hidden sources across the web.

The data includes old passwords from past breaches and fresh passwords stolen by info-stealing malware on infected devices. Synthient partnered with security researcher Troy Hunt, who runs Have I Been Pwned. He verified the dataset and confirmed that it contains new exposures.

To test the data, Hunt started with one of his old email addresses. He already knew it had been added to past credential stuffing lists. When he found it in the new trove, he reached out to trusted Have I Been Pwned users to confirm the findings. Some had never appeared in breaches before, which proved that this leak includes new stolen logins.

183 MILLION EMAIL PASSWORDS LEAKED: CHECK YOURS NOW

How to check if your passwords were stolen

To see if your email was affected, 

• Visit Have I Been Pwned. It is the first and official source for this newly added dataset.
• Enter your email address to find out if your information appears in the leak.
• When done, come back here for Step 1 below.

WHAT REALLY HAPPENS ON THE DARK WEB, AND HOW TO STAY SAFE

How to protect yourself after this massive credential leak

These simple actions strengthen your accounts fast and help you stay ahead of criminals who rely on stolen passwords.

1) Change any exposed passwords immediately

Do not leave a known leaked password in place. Change it right away on every site where you used it. Create a new login that is strong, unique and not similar to your old one. This step cuts off criminals who already have your stolen credentials.

2) Stop reusing passwords across sites

Avoid reusing passwords across sites. Once hackers get a working email and password pair, they try it on other services. This attack method, called credential stuffing, still succeeds because many people recycle the same login. One stolen password should not unlock every account you own.

3) Use a strong password manager

A strong password manager can generate new secure logins for your accounts. It creates long, complex passwords that you do not have to memorize. It also stores them safely so you can sign in quickly without taking risky shortcuts. Many password managers also scan for breaches to see if your current passwords have been exposed.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

4) Turn on Two-Factor Authentication

Even the strongest password can be exposed. Two-factor authentication adds a second step when you log in. You may enter a code from an authenticator app or tap a physical security key. This extra layer blocks attackers who try to access your account with stolen passwords.

5) Protect your devices from malware and install strong antivirus software 

Hackers often steal passwords by infecting your devices. Info-stealing malware hides inside phishing emails and fake downloads. Once installed, it pulls passwords straight from your browser and apps. Protect your phones and computers with strong antivirus software. It can detect and block info-stealing malware before it drains your accounts. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

6) Consider switching to passkeys when possible

If you want better protection, start using passkeys on services that support them. Passkeys use cryptographic keys instead of text passwords. Criminals cannot guess or reuse them. They also stop many phishing attacks because they only work on trusted sites. Think of passkeys as a secure digital lock for your most important accounts.

7) Use a data removal service

Data brokers collect and sell your personal details, which criminals can combine with stolen passwords. A trusted data removal service can help find and remove your information from people-search sites. Reducing your exposed data makes it harder for attackers to target you with convincing scams and account takeovers.

While no service can guarantee total removal, they drastically reduce your digital footprint, making it harder for scammers to cross-reference leaked credentials with public data to impersonate or target you. These services monitor and automatically remove your personal info over time, which gives me peace of mind in today’s threat landscape.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

8) Review your security often

Security is not a one-time task. Check your passwords on a regular schedule and update older logins before they become a problem. Review which accounts have Two-factor authentication turned on and add it where you can. By staying proactive, you stay one step ahead of hackers and limit the damage from future leaks.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP 

Kurt’s key takeaways

Massive leaks like this one highlight how fragile digital security can be. Even when you follow best practices, your information can still land in criminal hands through old breaches, malware or third-party exposures. Taking a proactive approach puts you in a stronger position. Regular checks, secure passwords and strong authentication give you real protection.

With billions of stolen passwords floating around, do you feel ready to check your own and tighten your account security today? Let us know by writing to us at Cyberguy.com

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.

Black Friday is technically a thing of the past, but many of the best deals we told you about yesterday — including deep discounts on the AirPods Pro 3, the Pixel Watch 4, and the latest Kindle Paperwhite — are still kicking for now. In some cases, gadgets are out of stock at certain stores, or certain configurations are tougher to find at this point. You don’t have to worry, though, as we’ve confirmed that every deal below is both in stock and selling at a great price.

Below are the results of our weeks spent sifting through deals and continually adding new, noteworthy deals as we come across them. We’re coming to you live once again today, so if you’re shopping, we think it’s worth returning here every few hours to see our latest finds. While we’ve primarily focused on tech — we are The Verge, after all — we’ve also included discounts on tools, Legos, and board games.

If you’re looking for deals on digital gifts, we’ve also highlighted great deals on streaming services, including HBO Max, Paramount Plus, and a bundle comprising Disney Plus and Hulu. Headspace and MasterClass have also discounted their annual subscriptions, if you’re open to trying meditation or want to pick up a few new skills.

Smartwatch and fitness tracker deals

Tablet and e-reader deals

Soundbar and speaker deals

Update, November 29th: Removed expired deals and added several new picks, including those for the Boox Palma 2, Happy Salmon, and JisuLife’s folding USB fan.