In an unprecedented cybersecurity incident that saw billions upon billions of passwords for Apple, Facebook, Telegram, GitHub, Google, and many other services leaked, users are rightfully wondering whether their credentials were part of it.
Specifically, the Cybernews research team has confirmed that as many as 16 billion passwords to popular online platforms have leaked into the open, likely originating from various infostealers. That makes it one of the largest data breaches in history, according to a report last updated on June 20.
Devastating implications of unprecedented data leak
It’s not just social media that’s been affected but also government services, corporate platforms, VPNs, and developer portals. The team discovered 30 exposed datasets, each holding from tens of millions to more than 3.5 billion records and together totaling 16 billion records.
As the researchers explained, the implications of this massive and unparalleled breach could be devastating:
“This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.”
The news arrives a month after Wired magazine unveiled that a security researcher had discovered a “mysterious database” with 184 million records, which sounded like a lot at the time, but was nowhere near the total amount reported in the recent reveal.
What the leaked data includes
According to the researchers, the majority of the stolen datasets are a mix of details from stealer malware, credential stuffing sets, and repackaged leaks, although there are also overlapping records, making it very difficult to tell just how many people or accounts are truly in danger.
Still, the team managed to discern that most of the information followed a particular structure – a URL, followed by login details and a password. This represents a clear footprint of malicious software stealing sensitive information – an infostealer. The team further said:
“The inclusion of both old and recent infostealer logs – often with tokens, cookies, and metadata – makes this data particularly dangerous for organizations lacking multi-factor authentication or credential hygiene practices.”
Were your Facebook, Apple, Google passwords leaked?
For now, the researchers cannot determine who was part of the leak, particularly as the uncovered datasets differ massively. For instance, the smallest dataset, named after malicious software, has more than 16 million records.
Another, with over 455 million records, indicates its origins in the Russian Federation, while a different one, with more than 60 million records, bears the name of Telegram, suggesting that’s where the stolen information came from.
On the other hand, the largest one, which they said likely relates to the Portuguese-speaking population, has over 3.5 billion records. The average dataset with exposed credentials would contain about 550 million records.
While it’s nearly impossible to say for sure whether your credentials were part of this huge leak, at least for now, the best thing you can do is practice basic cyber hygiene. This means using a password manager to create strong and unique passwords, updating them regularly, and reviewing your systems for infostealers.
Meanwhile, a report from March this year has linked more than 40% of health email breaches to Microsoft 365, where users had DMARC (Domain-based Message Authentication, Reporting, and Conformance) in ‘monitor-only’ mode, leaving phishing attempts undetected.