Cybersecurity researchers uncovered 30 separate databases containing a staggering 16 billion login records – the largest leak ever reported. The data, briefly exposed online, includes credentials for services like Apple, Google, Facebook, GitHub, and government portals.

Contrary to initial reports, this isn’t one new breach. Security expert Bob Diachenko confirmed: "No centralized breach hit these companies." Instead, the data combines:

➢ Infostealer malware harvests

➢ Recycled passwords from past hacks

➢ Credential-stuffing sets

Many records overlap or are outdated.

Key Findings:

➢ The biggest dataset held 3.5 billion entries (likely targeting Portuguese speakers).

➢ Leaked info often included URLs, passwords, session tokens, and cookies – allowing hackers to bypass two-factor authentication.

➢ New datasets emerge every few weeks, showing how widespread infostealer malware has become.

How to Protect Yourself:

1、Check HaveIBeenPwned.com – Enter your email/phone to see if you’re affected.

2、Refresh passwords immediately – Especially reused ones. Use strong, unique combinations.

3、Enable two-factor authentication – Critical for email and financial accounts.

4、Monitor accounts – Watch for suspicious activity.

Cybernews researchers found the data in unsecured servers but couldn’t trace most owners. While the 16 billion figure includes duplicates, experts warn: Any exposed data puts users at risk of phishing, identity theft, or account takeovers.

Bottom line: Don’t panic – but take action. Password managers and 2FA remain your best defense. Companies like Apple and Google confirm their systems weren’t breached, but your personal logins could still be in hackers’ hands.