16 Billion Login Credentials Leaked in Historic Data Breach Affecting Tech Giants and Governments
In the most concerning cybersecurity attack so far, researchers have discovered a massive data leak exposing almost 16 billion login credentials, potentially affecting tech giants such as Apple, Google, Facebook, Telegram, and GitHub, as well as governments across the globe.
Cybersecurity researchers at Cyber News have linked the leak to infostealer malware, credential stuffing, and previously undisclosed leaks. Although some of the information is said to come from old sources, more of it is reported to be new, organized, and highly actionable, which makes it particularly dangerous.
The Scale of the Breach
The hacked database is a “surreptitious repository” comprising 30 different datasets that were found just this year. Each of them contained between tens of millions and more than 3.5 billion records, with an average of 550 million compromised credentials per dataset. This puts the total number of hacked credentials at a whopping 16 billion.
The data was found on public storage servers such as Elasticsearch or object storage infrastructure. Although the datasets were available for only a short time, they were online long enough for cybersecurity experts to discover them. Scarily, the researchers could not trace the originator or the owner of this enormous archive.
Who Was Affected?
The effect is widespread. Apple, Facebook, Google, GitHub, Telegram, and Microsoft 365 are among the tech giants that were reportedly the main targets. Apart from those, social media sites, VPN tools, developer tools, business portals, and government agencies from various nations have been hacked.
Notably, most of the datasets were new and had never been seen in any previously known breach, suggesting that this is not a rehash of old leaks. One of the datasets, for example, was simply titled "Telegram" and included 60 million records by itself.
How Threat Actors Could Exploit This
Researchers are sounding the alarm about how organized and structured the stolen data seems to be. Each record allegedly has the same format: URL, username/email, and password. That consistency enables attackers to easily automate phishing attacks, conduct account takeover attacks, deploy ransomware, or conduct business email compromise (BEC).
Since the information is properly indexed, it presents a major danger to the digital security of users across platforms. The credentials can be used to gain entry not just to individual accounts but to corporate networks as well, with huge financial and data losses for both corporations and individuals.
Unanswered Questions and Growing Concerns
Despite the severity of the breach, it remains unclear who orchestrated it. Cybersecurity experts are still investigating how such a large volume of structured credentials ended up exposed online without detection.
Meanwhile, Google recently took down malware that was exploiting Google Calendar to steal user information, adding another layer to the growing concern over rising cyber threats.
The hack highlights the need for organizations and individuals to adopt stronger cybersecurity habits such as multi-factor authentication, regular password resets, and monitoring for unfamiliar login behavior.
As more information becomes known, experts are urging users to check immediately whether their own credentials have been exposed, using services such as Have I Been Pwned or other tracking tools.
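
The exposure check recommended above can be made without handing a password to anyone. The Python below is an added example, not part of the original article: it uses the k-anonymity range query of Have I Been Pwned's Pwned Passwords service, where only the first five characters of the password's SHA-1 hash are sent and the match is made locally. The offline fetcher, its sample passwords and counts, and all function names are constructed for this example.

```python
import hashlib
import urllib.request

API = "https://api.pwnedpasswords.com/range/"  # Pwned Passwords range endpoint


def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def fetch_range_live(prefix: str) -> str:
    """Query the live service; only the 5-character prefix leaves the machine."""
    req = urllib.request.Request(API + prefix, headers={
        "User-Agent": "exposure-check-example",  # constructed value
        "Add-Padding": "true",  # pads the response so its size reveals nothing
    })
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def pwned_count(password: str, fetch_range=fetch_range_live) -> int:
    """Return how often the password appears in the breach corpus (0 = not seen)."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)  # padding rows carry a count of 0
    return 0


def make_offline_fetcher(corpus: dict):
    """Constructed stand-in for the service: corpus maps password -> times seen."""
    def fetch(prefix: str) -> str:
        assert len(prefix) == 5, "only the hash prefix should be sent"
        rows = [f"{sha1_hex(p)[5:]}:{n}" for p, n in corpus.items()
                if sha1_hex(p).startswith(prefix)]
        rows.append("0" * 35 + ":0")  # padding row, as returned with Add-Padding
        return "\r\n".join(rows)
    return fetch


# Constructed sample data, not real breach counts.
SAMPLE = make_offline_fetcher({"password": 1200, "Summer2025!": 3})

if __name__ == "__main__":
    for pw in ("password", "Summer2025!", "correct horse battery staple"):
        print(f"{pw!r}: seen {pwned_count(pw, SAMPLE)} times")
```

Calling `pwned_count(pw)` with no second argument queries the live service; any non-zero result means the password should be retired everywhere it is used.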