Over 16 billion login and password credentials have been exposed online, a new research reveals. In what is considered to be the largest data breach in history, the leaked datasets include information from platforms like Apple, Facebook, Google, GitHub, Telegram, and various government services. The datasets contain information like login details and passwords claiming that the leak is a ‘blueprint for mass exploitation’.
Cybernews reports of this 16 billion login and passwords dataset leak, and it says that the data is an amalgamation from ‘various infostealers’. Researchers say that these datasets were exposed briefly, accessible temporarily through Elasticsearch or object storage instances.
These datasets do not contain old logins and password details, but is 'fresh, weaponisable intelligence at scale’. “This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing” the report said.
“What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale,” researchers warned.
The report says that it’s unclear who is behind this breach, but it’s likely that ‘some of the leaked datasets were owned by cybercriminals.’ Information in the leaked datasets come from pretty much any online service imaginable, from Apple, Facebook, Google, GitHub, Telegram, and various government services. All users of the Internet are strongly advised to frequently change passwords and keep their password strength as ‘strong’ to avoid losing private data.
