Cybersecurity analysts have confirmed a global leak of over 16 billion passwords and logins belonging to users of technology giants such as Apple, Google, Facebook, GitHub, Telegram, as well as government online services. Experts consider this incident to be the largest data breach in internet history.
This is reported by Бізнес • Медіа
Details of the Massive Hack
According to researcher Vilius Petkauskas from Cybernews, 30 different datasets have been discovered since the beginning of the year, each containing from tens of millions to over 3.5 billion unique records. Experts emphasize that this is not a reuse of old databases, but rather entirely new information that has not previously been publicly available. This means that most accounts have not been used in previous cyberattacks and may become targets for malicious actors.
“This is not just a leak — it is a plan of action for mass exploitation. These are not recycled old dumps, but new, large-scale, vulnerable information,” the experts noted.
The data is structured in the form of URLs with logins and passwords, allowing access to most online services and user accounts on leading platforms. Preliminary information suggests that several infostealers — specialized malware that steals credentials — are responsible for the leak.
Expert Advice on Protecting Accounts
Cybersecurity specialists strongly recommend that users change their passwords as soon as possible, implement two-factor authentication, and use password managers or switch to passkeys — an innovative method of authorization that provides a higher level of personal data protection. Special attention should be paid to accounts that have used the same passwords across different platforms.
CEO of Keeper Security Darren Guccione emphasized that such a massive leak highlights the risks of unauthorized disclosure of sensitive data, and organizations must implement zero-trust models to protect their users.
Lead security consultant at KnowBe4 Yawad Malik stated:
“Cybersecurity is a shared responsibility. Organizations must protect users, and users, in turn, must be vigilant and cautious.”
Security breaches like this can trigger new waves of cyberattacks if users do not update their information. It is worth noting that in May 2025, the cryptocurrency exchange Coinbase also reported a massive data leak, prompting the U.S. Department of Justice to initiate an investigation.