Security researchers have identified what they call "one of the largest data breaches in history", which includes more than 16 billion logins that include Apple credentials. According to a report from Cybernews, the staggering amount of information is contained in numerous datasets that have been uncovered since the start of the year.
So far, the researchers have discovered 30 datasets, each containing up to 3.5 billion records. This includes everything from social media and VPN logins to corporate platforms and developer platforms.
'This is not just a leak — it’s a blueprint for mass exploitation'.
“This is not just a leak — it’s a blueprint for mass exploitation," the researchers told Cybernews.
"With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing."
"What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale."
Despite the massive scale of these datasets, their existence seems to have gone largely unreported until now. Back in May, Wired reported the existence of a "mysterious database" containing 184 million records. This appears to have just been a fragment of the available information.
What's been exposed?
Given the sheer volume of breached data, hundreds of millions of logins for every conceivable platform — Apple accounts (formerly Apple IDs), Gmail and Facebook accounts as well as instant messaging platforms and both commercial and government platform portals.
The data appears to have been neatly compiled, with URLs, usernames and passwords indexed and presented together, which suggests the information was collected by infostealer malware that has been deployed across the web to harvest from misconfigured or unsecured databases.
The data appears to have been neatly compiled, with URLs, usernames and passwords indexed and presented together, which suggests the information was collected by infostealer malware
But, due to the size and the fact there's no way to check one dataset to another, it's highly likely there's overlapping information. Meaning the researchers don't know exactly how many people have been compromised.
All we know is that, according to the Cybernews report, one dataset (with over 455 million records) was named to "indicate its origins in the Russian Federation". Meanwhile, a second containing over 60 million records, was named after the messaging platform Telegram.
While this is (to date) seemingly one of the biggest troves of stolen login data discovered, the researchers said the datasets they found remained exposed only for a brief amount of time.
"The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data," Cybernews reported.
"Most of the datasets were temporarily accessible through unsecured Elasticsearch or object storage instances."
How to protect yourself
The single best method you can take to prevent your online accounts is to enable two-factor authentication (2FA). Just about every online service has this, whereby your password is your first factor and the second factor can be anything from an authenticator app or a passcode, phone call or even a physical USB key.
If you haven't started using 2FA yet, here's how to get started with it.
Here are some other things to consider:
More from Tom's Guide
- These three TP-Link routers are being targeted by hackers – here’s what to know
- Going on vacation? Secure your smartphone with these 7 tips
- I fell for the biggest security mistake and let hackers into my accounts — here's how I stopped them
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
