Largest Data Breach in History: *16 Billion* Login Credentials Exposed in Databases 11  boonchai wedmakawand/Getty
Lucas Nolan19 Jun 202579
3:09
Security researchers have uncovered potentially the largest data breach in history, comprising an astounding 16 billion login credentials, which include Apple accounts.
9to5Mac reports that a team of security researchers has stumbled upon a massive trove of stolen login credentials, exposing an unprecedented 16 billion records, including Apple accounts. The discovery, which researchers describe as “one of the largest data breaches in history,” has sent shockwaves through the cybersecurity community and raised serious concerns about the potential for widespread account takeovers, identity theft, and highly targeted phishing attacks.
The researchers, from the cybersecurity firm Cybernews, initially found a database containing 184 million records sitting unprotected on a web server last month. However, as they delved deeper, they realized that this was just one of many unsecured databases full of private information. Further investigation revealed an additional 29 datasets, each containing tens of millions to over 3.5 billion records. In total, the researchers uncovered a staggering 16 billion records, making this one of the biggest stolen login discoveries of all time.
What sets this breach apart from others is the freshness and organization of the data. The researchers emphasized that these are not just recycled old breaches, but rather “fresh, weaponizable intelligence at scale.” The neatly structured data, which includes URLs, usernames, and passwords, points to infostealers as the likely source. Infostealers are a type of malware specifically designed to collect login credentials in this exact format.
The implications of this breach are far-reaching and deeply concerning. With access to such a vast number of login credentials, cybercriminals can easily carry out account takeovers, steal identities, and launch highly targeted phishing campaigns. Apple accounts, which are among the exposed credentials, are particularly worrisome, as they can be used to access a wide range of sensitive information and services, including iCloud, Apple Pay, and the App Store. Other logins reportedly included in the massive datasets include Google, Facebook, instagram, Amazon, and many other popular web services.
In light of this discovery, experts are urging users to take immediate steps to protect their accounts and personal information. This includes enabling two-factor authentication, using strong and unique passwords for each account, and regularly monitoring accounts for suspicious activity. Additionally, users should be cautious when clicking on links or downloading attachments from unknown sources, as these could be part of a targeted phishing campaign. |
