16 billion passwords leaked in one of the biggest data breaches ever: Report


Cybernews, the platform that originally uncovered the 26 billion record breach that still stands as the biggest in human history, has discovered yet another big breach: 16 billion sets of login credentials have been leaked.

This isn’t just concentrated on one platform or one part of the world, according to their research. No, this is a global issue that may span everything from Google and Facebook to government utilities.

And while multi-factor authentication can mitigate the problem of someone logging into your account from a different IP address, those who don’t have 2FA or extra layers of security may be at risk.

You may want to change your password

The breach doesn’t just include passwords; it also includes the login info paired with them. Each record carries the email or username associated with the account, so someone could log right in and get access to personal information.

The extent to which this data breach has spread isn’t yet clear, but big names like Google, Netflix, and Facebook immediately came up as areas of concern in Cybernews’ research.

“This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing,” one of their researchers claimed.

“What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale.”

The data is acquired through infostealer malware, and the attack is ongoing, according to their research. The team claims the 16 billion number is taken from 30 exposed datasets that range from “tens of millions to over 3.5 billion records each”, with the researchers claiming that new datasets emerge every few weeks.

Due to the scattered nature of these datasets and the loose identifiers tied to them, it’s virtually impossible to determine which services have been affected. The safest thing you can do is change your password and enable some form of multi-factor authentication on your account.

Content shared from www.dexerto.com.
