Record-breaking data breach exposes 16 billion credentials, raising global cybersecurity concerns

A massive new cybersecurity report has revealed what experts are calling the largest data breach in history, involving over 16 billion login credentials. The records, uncovered by researchers at Cybernews, appear to come from a variety of sources and have raised alarm bells across the tech and cybersecurity industries.

Unprecedented scale of exposure

The data is spread across 30 different datasets, with individual troves containing between tens of millions and more than 3.5 billion credentials each. In total, the exposed records add up to 16 billion, a staggering number that equates to more than two credentials for every person on Earth.


Most of these credentials appear to have been collected through infostealer malware and other illicit methods. These tools typically capture usernames, passwords, tokens, cookies, and other metadata from compromised systems and package the data in a uniform structure, usually a URL followed by login details and passwords.

Not old data, but fresh and dangerous

What makes this breach especially concerning is the recency of the data. Researchers confirm that the datasets are not simply recycled from old breaches, but largely consist of new logs collected in recent months. Many include access credentials to services such as Apple, Facebook, Google, GitHub, Zoom, and Telegram.

Although some of the login pages referenced in the data are from popular global platforms, cybersecurity researcher Bob Diachenko clarified there was no centralised data breach at these tech giants. Instead, credentials linked to their login portals were likely captured via infostealers installed on individual users’ devices.

Multiple datasets, unclear ownership

The 30 datasets uncovered differ significantly in size and origin. The largest, containing over 3.5 billion records, is suspected to be linked to Portuguese-speaking regions. Other datasets hint at Russian sources or specific platforms like Telegram. Many have generic names such as “logins” or “credentials”, providing little insight into their exact source.

Despite the vast quantity of data, the researchers have been unable to identify a single entity behind the breach. It remains unclear whether the datasets were compiled by security researchers monitoring for leaks or by cybercriminal groups aggregating stolen information for exploitation.

While the datasets were only briefly exposed — typically via unsecured Elasticsearch or cloud storage instances — this short window was enough for experts to confirm their contents and raise concerns.

A blueprint for cybercrime

Experts warn that this is not merely a leak, but “a blueprint for mass exploitation.” The exposed credentials, which include sensitive data such as tokens and cookies, could be used for a range of attacks: from account takeovers and identity theft to ransomware campaigns and targeted phishing.

This kind of large-scale credential exposure is particularly dangerous for organisations lacking robust cybersecurity measures, including multi-factor authentication (MFA). Without these defences, hackers could easily use stolen credentials to breach systems and escalate attacks internally.

How users and organisations can respond

With the source of the leak uncertain and the extent of the damage unclear, there are few direct actions individuals can take. However, cybersecurity experts strongly recommend several key practices:

  • Use a password manager to generate and store strong, unique passwords for each service.
  • Enable multi-factor authentication (MFA) wherever possible.
  • Regularly review accounts for unauthorised activity.
  • Run regular malware scans to detect and remove infostealers.

Diachenko, who contributed to the Cybernews report, stressed that while the breach doesn’t indicate failures at platforms like Facebook or Google, it still poses a widespread risk. “Credentials we’ve seen in infostealer logs contained login URLs to Apple, Facebook, and Google login pages,” he noted.

This implies that while the platforms themselves may be secure, any user who has been compromised by infostealer malware could unknowingly provide cybercriminals access to those services.

A reminder of growing data breach risks

This record-setting exposure is just the latest in a growing trend of large-scale data breaches. The fact that datasets of this size continue to emerge, often unnoticed for months, highlights the evolving nature of cybersecurity threats.

As digital services become more embedded in daily life, the potential fallout from data breaches expands. This incident serves as a stark reminder of the need for vigilant data hygiene, both for individual users and the organisations that serve them.
