Record-Breaking Data Breach Exposes 16 Billion Passwords: Apple, Google, Facebook Among Affected

New Delhi, June 20: In what is being described as the largest data breach in history, over 16 billion login credentials and passwords have been leaked online, potentially compromising accounts on major platforms like Apple, Google, Facebook, GitHub, Telegram, and even various government services.

The shocking revelation comes from cybersecurity platform Cybernews, which warns that the exposed data is not a mere recycling of old leaks, but rather “fresh, weaponisable intelligence at scale”, posing a severe risk to billions of internet users globally.

Leak a 'Blueprint for Mass Exploitation'

Cybernews reports that the breach is an amalgamation of data sourced from various infostealers—malware designed to harvest login credentials from infected systems. The datasets were reportedly accessible for a short period through misconfigured Elasticsearch and object storage instances.

“This is not just another data leak. It’s a blueprint for mass exploitation,” the report stated. With over 16 billion records now in the wild, cybercriminals have unprecedented access to private credentials that can be used for account takeovers, identity theft, and highly targeted phishing attacks.

Recency and Structure of Data Alarming

Researchers noted that what's most concerning is the recent nature and organized structure of the datasets, highlighting that these are not older breaches being recycled but rather fresh data with the potential for real-time misuse.

While it remains unclear who is behind the breach, there is speculation that the leak could stem from stolen datasets already in the possession of cybercriminals or underground groups.

The leaked credentials reportedly include login details from:

• Apple

• Facebook

• Google

• GitHub

• Telegram

• Government services across various countries

Urgent Advisory for Internet Users

In light of the breach, cybersecurity experts are urging all internet users to:

• Immediately change passwords on major platforms

• Use unique, strong passwords

• Enable two-factor authentication wherever possible

• Avoid reusing passwords across multiple platforms

With the scale and severity of this breach, security experts are also calling for stricter data protection laws and improved cyber hygiene among organizations and individuals alike.