16 billion password data breach hits Apple, Google, Facebook and more — LIVE updates and how to stay safe
Latest updates on one of the largest data breaches

A massive 16 billion login credentials have been exposed in one of the largest data breaches in history, with datasets from Apple, Google, Facebook and more being compromised.
A Cybernews report details that records from over 30 databases have been stolen, with each containing up to 3.5 billion passwords from social media and VPN logins to corporate platforms and developer platforms.
The recent data breach contains a massive amount of information that can affect billions of online accounts, as cybercriminals now have access to a huge number of login credentials.
Here are the latest updates on the data breach, how to find out if you're affected and how to stay safe.
What's exposed?
Currently, nearly all major platforms have been affected by the breach, including Apple accounts (formerly Apple IDs), Gmail, Facebook accounts and GitHub as well as instant messaging platforms like Telegram and both commercial and government platform portals.
The data appears to contain URLs, usernames and passwords. However, with the unfathomable size of the data that's been exposed, there's no way to tell how many accounts are currently under threat.
The stolen data appears to come from several infostealers, and while the datasets are new, the sheer amount of info could also be from a mix of different datasets from previous breaches, including a database containing 184 million records discovered in May this year.
How to stay safe
With the 16 billion login credentials now being exposed, it's important to check if your account has been exposed and to stay safe.
First, the best way to keep your account secure is to enable two-factor authentication (2FA). This will stop threat actors from easily accessing your online accounts, as a second form of authentication through an app, phone, passcode or a physical USB key will need to be approved by you. If you haven't already, find out how to enable 2FA right now.
Second, to find out if your login credentials have been affected, use Have I Been Pwned and check if your email is in the clear. If you are at risk, immediately change your password, delete unused accounts and consider using one of the best password managers to secure your online accounts.
Latest updates
The data breach isn't all "new"
A recent report from cybersecurity site BleepingComputer indicates the 16 billion password data breach actually isn't new, with the data instead likely to have been circulating for years.
The data may have been collected by cybercriminals and researchers and repackaged into the massive database, only for this to be exposed online. The login credentials, such as usernames and passwords, may have been collected by infostealers over time, with different archives being compiled into the massive database.
Cybernews states that the data in the breach is recent and "not merely recycled from old breaches," but some data could be overlapping.
Either way, many credentials were exposed in the breach, so it's a good idea to secure your accounts, change your passwords and stay safe.
Update: Cybernews shares datasets with Apple, Google, Facebook and more URLs
Since news broke about the data breach, it's been difficult to tell if login credentials included accounts from Apple, Google, Facebook and more. But Cybernews has now shared screenshots of the datasets (not including personal info, of course).
These datasets show that there are URLs to Facebook, Google, GitHub, Zoom, Twitch, and other login pages. However, with the amount of data that is being exposed, the number of platforms that are affected is uncertain. As previously noted, there's reason to believe that every major platform has been affected by the data breach.
An alternative security option
Many companies, including Google, Apple, and Microsoft, are using passkeys to reduce the growing risk of phishing attempts, since cybercriminals can use login credentials from data breaches to take over accounts. In fact, Microsoft is now making passwordless the default for new users.
Niall McConachie, regional director (UK & Ireland) at Yubico (the company behind the YubiKey), reached out to weigh in on the data breach:
"As this huge data breach shows, passwords are just not good enough to protect our most important personal details and secure our online presence," McConachie states. "By continuing to rely on passwords, huge data breaches like this will persist — and they’ll only get worse."
McConachie continues: "As we rely on the internet more and more for critical services, users should opt for the highest-assurance authentication method to ensure their data is fully protected and not at risk of being accessed by cyber criminals.
"Instead of relying on passwords or legacy MFA to keep accounts safe, users must be encouraged to protect their accounts with device-bound passkey options like physical security keys."
Follow these steps to prevent getting hacked
Data breaches aren't anything new, and one of our team has been hacked before. This was due to Adobe being hacked and the attackers getting a list of 153 million usernames and passwords in 2013.
If you're worried about the 16 billion data breach, you can find out the best steps to take to prevent being hacked and improve your online security.
Some essential tips include signing up for Have I Been Pwned, staying clear of reusing passwords, deleting unused accounts and making sure to enable two-factor authentication.
Record-breaking data breach?
We've seen major data breaches before, including the RockYou2024 leak exposing nearly 10 billion passwords with a mix of old and new records, along with the previous RockYou2021, which kicked off with 8.4 billion passwords.
Recently, the largest ever data leak hit China and exposed more than 4 billion user records. This breach included financial data, WeChat and Alipay details as well as sensitive personal info like IDs, birthdates, phone numbers, and residential data.
This 16 billion password data breach is one of the largest in history, but last year we reported on the supermassive Mother of all Breaches (MOAB), which contained 26 billion records or 13 terabytes of data taken from previous leaks, breaches and hacked databases.
How to stay safe from infostealing malware
With infostealers being the cause of the mass data breach, it's best to know how to keep your PC secure from the malware.
- Trusted downloads: Only download software through legitimate websites and sources.
- Stay clear of suspicious emails: Never click on unexpected links or attachments. Make sure you know the signs of phishing emails.
- Update your system: Whether it's on your iPhone, Android phone, Windows laptop or MacBook, keep your system up to date with the latest security patches to stay secure.
- Use a VPN: Virtual private networks can mask your identity online, making it harder for threat actors to track you down. Be sure to use one of the best VPNs.
- Download antivirus software: This can keep many forms of malware at bay, including known infostealers. You can check out the best antivirus software for your system.
- Enable 2FA: In case your login credentials are caught in the data breach, enabling two-factor authentication will make it harder for cybercriminals to access your online accounts.
Were Apple, Google and Facebook passwords leaked?
The datasets with exposed login credentials contained old and recent infostealer logs, and as Diachenko points out: "Credentials we’ve seen in infostealer logs contained login URLs to Apple, Facebook, and Google login pages."
Many of the datasets contained other specific information. One dataset was named after Telegram with 60 million records, another was labeled with a name relating to the Russian Federation with 455 million records, and the one with the largest number of records, at 3.5 billion, is said to have a connection to a Portuguese-speaking population, as Cybernews reports.
However, many datasets were also simply named "logins" and "credentials" with massive amounts of information. There's no way to tell what services these are for, and considering the billions of credentials leaked, there's reason to believe that accounts for any platform online are at risk.
Google warned users to replace passwords
Earlier this month, Google released a survey detailing the growing awareness of the threat from scams in the U.S., stating that over 60% of users in the U.S. have seen an increase in scams over the past year. While many have seen scams through SMS texts, 61% state they have been targeted through emails.
Plus, the survey notes that one-third of those experiencing an increase in scams have "personally experienced a data breach." What's more, the FBI also states that online scams saw a 33% rise last year, with a total of $16.6 billion being stolen.
In light of this data breach, there could be a major rise in phishing scams or account takeovers. This is why Google has warned users to change their passwords and rely on other forms of authentication, including passkeys.
Data breach only exposed 'briefly'
While this is named the largest data breach in history, the 16 billion login credentials were only exposed "briefly," according to researchers in the Cybernews report. However, it's still long enough for threat actors to gain information and to put accounts at risk.
"The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data," Cybernews states.
Along with this, the majority of the 30 datasets discovered were temporarily accessible through Elasticsearch, which is a free and open-source search engine, or "object storage instances."
Infostealer malware is to blame
As per reports, infostealers are what caused the exposure of login credentials. This is a form of malware that can secretly steal sensitive data like passwords or chat logs and send them back to hackers.
Cybersecurity expert Diachenko states: "It comes from various infostealers logs. Probably a backend infrastructure left exposed. Elasticsearch is a good environment to query such logs."
Cybersecurity expert weighs in
We reached out to Volodymyr Diachenko, security researcher and owner of SecurityDiscovery.com, about the data breach. He explains that it wasn't just from one infostealer malware, but many:
"First things first — it wasn't a single source of exposure. This is not about the number (though it is scary!), but the scale and rise of infostealers infections these days," Diachenko states.
"What this number reflects is the size of different infostealers datasets exposed publicly since the beginning of this year alone. They were observed by me and my team via passwordless repositories left exposed inadvertently."
The data breach is known to have come from various infostealers,
Change your passwords
With 16 billion login credentials being exposed, there's a big chance that your account is at risk. If left unchecked, cybercriminals can gain access to your accounts, leading to phishing attacks, identity theft, ransomware and more.
To counter this, change your passwords immediately, especially if you reuse passwords for multiple accounts. It's a good idea to use a strong, complex password with a mix of numbers and symbols, and use PasswordMonster’s Password Strength Meter to see how effective it is.
To manage it all, it's a good idea to use one of the best password managers, as these will store, secure and autofill your passwords, and they also support passkeys across accounts.
Find out if you're affected
The easiest way to find out if your email and password are affected in this mass data breach is to use Have I Been Pwned. It's a free service that collates data from hacks and can also send you alerts when your online account is at risk.
The site will notify you if your email is involved in the breach, and you can also check if your password has been exposed through Pwned Passwords.
You can do a manual check right on the site, but we also recommend using the Notify Me service to make sure your accounts aren't affected in the future, too.
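For readers who would rather script the Pwned Passwords check than type a password into a web page, the added example below (not code from this article or from Have I Been Pwned) uses the service's range API, which only ever receives the first five characters of the password's SHA-1 hash. The function names are hypothetical, and the offline stand-in response and its counts are constructed for illustration.

```python
import hashlib
import urllib.request

API = "https://api.pwnedpasswords.com/range/"  # Pwned Passwords range endpoint

def split_hash(password):
    """SHA-1 the password; only the 5-character prefix ever leaves the machine."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def parse_range(body):
    """Turn 'SUFFIX:COUNT' lines into {suffix: count}, skipping malformed lines."""
    counts = {}
    for line in body.splitlines():
        suffix, _, count = line.strip().partition(":")
        if len(suffix) == 35 and count.isdigit():
            counts[suffix.upper()] = int(count)
    return counts

def fetch_range_live(prefix):
    """Real network call; not used by the offline demo below."""
    headers = {"Add-Padding": "true", "User-Agent": "pwned-check-example"}
    req = urllib.request.Request(API + prefix, headers=headers)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")

def breach_count(password, fetch_range=fetch_range_live):
    """Times the password appears in the corpus; 0 means it was not found."""
    prefix, suffix = split_hash(password)
    # The suffix comparison happens locally; padding rows carry a count of 0.
    return parse_range(fetch_range(prefix)).get(suffix, 0)

SENT_PREFIXES = []  # what the offline stand-in "server" was asked for

def fetch_range_constructed(prefix):
    """Offline stand-in for the API. Constructed data: the counts are made up,
    and unlike the real service it returns the same rows for every prefix."""
    SENT_PREFIXES.append(prefix)
    _, leaked = split_hash("password")
    _, padding = split_hash("correct horse battery staple 7!")
    return f"{leaked}:1234\r\n{padding}:0\r\nnot-a-valid-line\r\n"

if __name__ == "__main__":
    for candidate in ("password", "correct horse battery staple 7!"):
        print(candidate, "->", breach_count(candidate, fetch_range_constructed))
```

Calling `breach_count(candidate)` with no second argument queries the live service; any result above zero means that password should be retired everywhere it is used.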
What's happening now
Security researchers have identified what they call "one of the largest data breaches in history", which includes more than 16 billion logins that include Apple credentials. According to a report from Cybernews, the staggering amount of information is contained in numerous datasets that have been uncovered since the start of the year.
So far, the researchers have discovered 30 datasets, each containing up to 3.5 billion records. This includes everything from social media and VPN logins to corporate platforms and developer platforms.
"This is not just a leak — it’s a blueprint for mass exploitation," the researchers told Cybernews.