16 billion passwords exposed in record-breaking data breach

[LASER_oneXM]

Content source

https://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/

16 billion passwords exposed in record-breaking data breach, opening access to Facebook, Google, Apple, and any other service imaginable​

Several collections of login credentials reveal one of the largest data breaches in history, totaling a humongous 16 billion exposed login credentials. The data most likely originates from various infostealers.

This story, based on unique Cybernews findings and originally published on the website on June 18, is constantly being updated with clarifications and additional information in response to public discourse. The most recent version of the article features comments from Cybernews researcher Aras Nazarovas and Bob Diachenko who unveiled this recent data leak.

Key takeaways:

The largest data breach in history involves 16 billion login credentials
The records are scattered across 30 different databases, and some records are or might be overlapping
The data most likely comes from various infostealers
The data is recent, not merely recycled from old breaches
Cybercriminals now have unprecedented access to personal credentials and could exploit them for account takeovers, identity theft, and targeted phishing attacks

What do the billions of exposed records contain?​

Researchers claim that most of the data in the leaked datasets is a mix of details from stealer malware, credential stuffing sets, and repackaged leaks.
There was no way to effectively compare the data between different datasets, but it’s safe to say overlapping records are definitely present. In other words, it’s impossible to tell how many people or accounts were actually exposed.

However, the information that the team managed to gather revealed that most of the information followed a clear structure: URL, followed by login details and a password. Most modern infostealers – malicious software stealing sensitive information – collect data in exactly this way.

 

[cofer123]

Time to add a ! at the end of all my passwords.

 

[Marko :)]

And once again... I'm not affected by this data breach.

 

[superleeds27]

No, the 16 billion credentials leak is not a new data breach

News broke today of a "mother of all breaches," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks.

www.bleepingcomputer.com

 

[TairikuOkami]

I took the oportunity and I have changed all core passwords. I have not done an overall physical backup in 2 years, talk about the convenience, they should hack passwords more often.

 

[oldschool]

Clickbait. Word.