Security
A photo of a mouse pointer on the word Security. Pixabay/Pexels

A massive cache of over 16 billion login credentials has surfaced online, potentially affecting users of Apple, Google, Facebook and other major platforms. Cybersecurity experts warn it is one of the largest credential leaks to date, with fresh passwords alongside older data, sourced from malware-infected devices

One of the Largest Credential Leaks to Date

The breach was first identified by Lithuania‑based researchers at Cybernews, who found more than 30 structured datasets posted to an online forum used by cybercriminals. The files contain usernames, passwords and login URLs linked to a wide range of services. These include large technology platforms such as Apple and Google, social media companies like Facebook and Telegram, and even government websites and developer tools.

Unlike previous leaks that simply republished outdated information, many of the records in this collection appear to be new. According to the researchers, the information was harvested by malware designed to steal credentials directly from infected devices, suggesting that the breach remains an active and ongoing threat. Some of the malware involved includes infostealers that capture login data, cookies, and saved credentials from browsers.

Tech Firms and Authorities Respond

Google has issued a public advisory recommending that users change their passwords immediately. The FBI has also warned of a likely increase in phishing scams sent via email and SMS, as criminals seek to exploit the stolen data to gain access to further accounts.

Cybersecurity experts have urged users not to delay. Darren Guccione, CEO of antivirus company Keeper Security, said the breach shows 'how easy it is for sensitive data to be unintentionally exposed online,' and stressed the need for individuals to adopt stronger security habits. He also noted that reused passwords across multiple platforms significantly increase the risk of cascading account takeovers.

Google
Google and UK National Cyber Security Centre (NCSC) offer free cybersecurity training to SMEs for enhanced online protection in 2023.
Josh Edelson/AFP

What Users Should Do Now

With billions of login combinations now in circulation, users are being advised to take immediate action. In the UK, the National Cyber Security Centre (NCSC) recommends creating strong passwords using three random words rather than predictable terms like pet names. This includes creating unique passwords for each service, enabling multi-factor authentication, and using password managers to generate and store secure credentials.

For cryptocurrency holders, there is added concern. If email credentials are compromised, any connected crypto wallets could also be at risk, particularly those relying on password-protected backups or recovery phrases sent by email.

Security analysts have also noted that the datasets may include metadata such as session tokens and browser fingerprints, which could allow cybercriminals to bypass some authentication systems altogether. This makes it possible for attackers to mimic legitimate user sessions and gain access without triggering security alerts.

While the full extent of the breach is still being investigated, the size and freshness of the data set it apart from previous incidents. Experts say that this event signals a growing need for global awareness around digital security and password hygiene.

Even users who have not noticed suspicious activity are advised to review their account settings and change their credentials as a precaution. With data breaches growing more sophisticated and widespread, personal vigilance has become a key line of defence.