A massive data breach has compromised over 16 billion usernames and passwords from some of the world’s largest tech platforms, including Apple, Google, Facebook, Telegram, GitHub, and various government websites. Cybersecurity experts are calling it the biggest credential leak in history, with widespread implications for both individuals and organizations.
The breach, recently reported by Forbes and confirmed by researchers at Cybernews, involves 30 distinct datasets. Each dataset contains millions to billions of records, making the scale of the leak unprecedented. Unlike past breaches that involved outdated or recycled information, the majority of these credentials are newly leaked and still active, making them extremely valuable to cybercriminals.
Read more: India Removed Wreckage of Rafale Fighter Jet, BBC Finds Evidence
Vilius Petkauskas, a cybersecurity researcher at Cybernews, warned that this incident is not just a typical leak but a strategic blueprint for potential global-scale cyberattacks. According to him, the leaked data includes website URLs, usernames, and associated passwords, which can be directly used to infiltrate online accounts and platforms with ease.
What makes this breach even more concerning is the way the data appeared online. The leaked information was publicly accessible only for a short time, then mysteriously disappeared. Experts believe this “flash exposure” tactic was likely intended to evade detection and hinder tracking efforts.
Read more: US Court Stops Trump Plan to Ban Foreign Students at Harvard
In response, Google has advised millions of users to immediately change their passwords and take additional security measures. The FBI also issued a public alert warning citizens not to click on suspicious links received via SMS or email, as this data may be used in phishing and identity theft campaigns.
Cybernews researchers suspect the breach was enabled by infostealer malware, malicious software designed to secretly collect and transmit sensitive data from infected devices. However, the exact number of users affected remains unknown.
Read more: Tragic Plane Crash in Ahmedabad: All 242 Onboard Feared Dead
This incident serves as a powerful reminder of the increasing risks in the digital age. Both individuals and organizations must stay alert and adopt stronger cybersecurity habits to safeguard their online presence.