In brief
- A major data breach has exposed sensitive information, sparking fresh concerns about cybersecurity.
- The previously unreported data breach has exposed more than 16 billion login credentials.
- Experts warn that poor adoption of multi-factor authentication and passkeys leaves users vulnerable.
A previously unreported data breach has exposed more than 16 billion login credentials, making it one of the largest compilations of stolen personal data ever discovered.
First reported by Cybernews, the trove of data includes credentials for widely used services, including Facebook, Google, Telegram, and GitHub, as well as access to corporate, developer, and government websites.
Researchers from Cybernews said the information likely comes from a mix of infostealer malware logs, credential stuffing databases, and previously repackaged leaks.
“This is not just a leak – it’s a blueprint for mass exploitation,” Cybernews researchers said in a statement. “With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.”
Google, Facebook parent Meta, and GitHub did not immediately respond to Decrypt's requests for comment.
Elon Musk’s X DDoS Accusation Ignores Basics of Cyber Attacks, Expert Says
Elon Musk’s claim that the DDoS attack on X (formerly Twitter) originated from Ukraine drew skepticism from cybersecurity experts, who argue that attributing attacks based on IP addresses is unreliable. Attackers frequently use virtual private networks (VPNs) and other methods to obfuscate their origins, making pinpointing a specific geographic source difficult. On Monday, X was the target of a distributed denial-of-service attack that intermittently shut down the popular social media site for u...
An info-stealer is malicious software that secretly collects sensitive data—such as passwords, financial information, and browser activity—and sends it to cybercriminals.
Unlike keyloggers, info-stealers not only capture what a victim types but also scan systems for stored passwords, cookies, autofill data, and other exploitable information.
The researchers identified 30 datasets, each ranging from tens of millions to more than 3.5 billion records. The average dataset contained around 550 million entries.
According to Cybernews, the datasets were briefly exposed online through unsecured cloud storage. While they were quickly taken down, the exposure was enough for the datasets to be collected and analyzed.
The individuals or groups responsible for the leak have not been identified.
'Pro-Israel Hacker Group' Drains, Burns $90 Million From Iranian Bitcoin Exchange
A pro-Israel hacking group has claimed responsibility for breaching Iran's largest crypto exchange, draining more than $90 million in digital assets while warning of further attacks on what they described as regime-linked financial infrastructure. The attack on Nobitex, first reported by blockchain investigator ZachXBT on Wednesday morning, saw hackers exploit multiple blockchain networks using provocatively named wallet addresses including "TKFuckiRGCTerroristsNoBiTEXy2r7mNX" on the Tron networ...
In a separate incident, Coinbase disclosed in May that a breach in December affected more than 69,000 customers. That same month, the crypto exchange was targeted by cybercriminals demanding a $20 million Bitcoin ransom for stolen customer data. Instead of complying, Coinbase launched a $20 million bounty to track down the attackers.
“They then tried to extort Coinbase for $20 million to cover this up. We said no,” Coinbase said in a statement at the time.
Experts warn that data breaches pose serious risks to individuals and organizations, particularly those that lack strong cybersecurity practices, such as multi-factor authentication and routine password updates.
“Not all sites force password reset upon breach discovery,” a security expert told Decrypt. “People reuse passwords all the time, or variants of them, making them easy targets.”
The expert, speaking on condition of anonymity, noted that the latest leak will most severely impact smaller websites and individual users with limited cybersecurity resources.
A Preventable Breach?
While the scale of the breach is alarming, the root cause isn’t new or particularly sophisticated, and could have limited impact on those using two-factor authentication, password managers, and passkeys as essential defenses.
“Normal users will be impacted,” the expert said. “Users with 2FA will be fine.”
Multi-factor authentication in the form of mobile apps like Google Authenticator and Microsoft Authenticator adds a critical layer of security by requiring users to verify their identity through an additional method, such as a text message code, app notification, face ID, or fingerprint.
Passkeys, a newer alternative to traditional passwords, eliminate the need for login credentials entirely by using cryptographic keys stored on a user’s device. Passkeys are “origin-bound,” meaning they only work with the specific website or service for which they were created.
Passkeys are considered more secure and less vulnerable to phishing attacks, and are being adopted by industry giants such as Google, Amazon, Apple, and Microsoft.
Edited by Sebastian Sinclair
