A new survey conducted by Cybernews researchers reveals one of the largest data breaches ever recorded: over 16 billion login credentials, including passwords, cookies, access tokens and metadata, were found circulating freely on the Internet. The affected accounts span major technology platforms such as Google, Apple, Facebook, GitHub and Telegram, but also government services, VPNs, business portals and financial solutions.
These data were not extracted in a single attack; they are the result of a gradual accumulation of stolen information gathered using infostealer malware, software capable of extracting credentials from millions of infected devices. According to the researchers, this is not just a leak, but a true operational base for mass production.
A multi-faceted breach
The survey identified 30 data sets, each containing between several tens of millions and over 3.5 billion records. Unlike previous leaks, most of these data are unpublished and recent, which makes them all the more dangerous. They are often structured by URL, with corresponding logins and passwords, offering direct access to various user accounts.
Researchers have been unable to identify the exact origin of the leak or those responsible, but attribute the operation to several cybercriminal groups or networks using different infostealers. Some data also come from credential stuffing: in this case, passwords recovered from one site are tried out on other platforms, taking advantage of the fact that many Internet users reuse the same logins.
Targeted services and risks
The services affected include not only the digital giants, but also sensitive services such as financial platforms (WeChat, Alipay), cloud environments, and systems linked to public administration. This diversity demonstrates the scale of the risks: account takeover, extortion, targeted phishing campaigns, ransomware and other digital frauds.
The researchers point out that although some data have been duplicated between different sets, the net volume of identifiers remains colossal. The true number of unique victims is therefore difficult to assess, but the potential consequences are critical.
Official alerts and recommendations
Following the discovery, Google asked its users to change their passwords immediately. The FBI has issued a warning to avoid any suspicious links received by text message or e-mail. In addition, the founders of Keeper Security have expressed their concern about the trivialization of data leaks and are calling for widespread adoption of cybersecurity best practices.
Fortunately, the exposed databases were only temporarily accessible. But that doesn't mean they've disappeared: they're now circulating in private circles, potentially in the hands of malicious groups.
One leak among many
This leak comes on top of a disturbing series of breaches this year. In May, another leak exposed 184 million identifiers. A few months earlier, a file named RockYou2024 grouped together nearly 10 billion stolen passwords. Last year, Cybernews had already identified 26 billion compromised records. This dynamic demonstrates the scale of the problem.
What can you do to protect yourself?
Against this backdrop, the experts recommend immediate action:
- Change all your important passwords right away
- Use unique and complex passwords for each account
- Enable two-factor authentication (2FA) on all compatible services
- Opt for passkeys when available
- Install an up-to-date antivirus and run regular scans
- Use a secure password manager to automate these best practices
Use AppGratuit.com's Password Generator tool
Conclusion
This massive leak represents much more than just an isolated incident: it is a concrete demonstration of widespread digital vulnerability. The scale, freshness and diversity of the stolen data make it a powerful weapon in the hands of cybercriminals. In this context, adopting rigorous digital security practices is no longer an option - it's an absolute necessity.





