One of the most massive data breaches in history has occurred — 16 billion accounts have been compromised, equivalent to nearly two accounts for every person living on the planet. This serves as a reminder of the importance of regularly changing passwords and maintaining digital hygiene.
G. Ostrov
The world has faced one of the largest data breaches in history — 16 billion compromised accounts have been exposed to public access. This colossal amount of data is equivalent to two accounts for every person living on Earth.
Scale of the Catastrophe
Unlike previous major breaches that mainly contained previously compromised data, this megaleak consists almost entirely of previously unknown databases. The Cybernews team, responsible for identifying and cataloging numerous previous major leaks, assembled the datasets making up this latest 16-billion-record breach.
Only one dataset in the breach — a 184 million-record batch reported by Wired — had been previously known. The rest are all new from around the world, including three distinct batches that each contained over 1 billion credentials.
Data Origins
The datasets making up the 16B breach are largely unconnected and have been uncovered by security researchers since January. The largest batch, sourced from Portuguese-speaking populations, contains 3.5 billion credentials. Other major batches are named after Russian logins, Telegram logins, and a host of largely generic names.
Concerningly, it is not yet known who originally owned most of the data batches making up the breach. This means that clear action items to wipe your data from these collections cannot be issued, nor can researchers tell what attacks were being considered for the data.
Consequences for Users
As with all mega security breaches, the 16B leak serves as a loud reminder to practice clean internet hygiene by choosing secure passwords that are changed regularly. The breach has not yet hit the same notoriety as other, snappier-named breaches like RockYou2024 or the 26-billion-login MOAB breach, meaning data brokers may not have exploited the logins yet.
It also means that databases that serve to warn users about their compromised data have not yet been populated with the leaked accounts. Internet browsers like Firefox or Chrome that warn users of compromised credentials or third-party tools haven't yet been updated with the newly revealed stolen credentials.
Precautionary Measures
Large collections of stolen credentials like the ones making up this megaleak are often used in major digital offensives like phishing scams or other attacks that scale up well. Therefore, beyond ensuring your passwords are safe and regularly changed, being wary of phishing and other likely scams is also good internet safety that should always be practiced.
It is recommended to immediately check your accounts for compromise and change passwords for all important services. Using two-factor authentication also significantly increases the level of security.
Detailed information about the data breach can be found on the official Cybernews website.
If you have any problems, contact us, we will help quickly and efficiently!