16 billion records leaked in "unimaginable" data breach

[Free]

It's Thursday. Probably time to reset all your passwords.

The 16-billion-record data breach that no one’s ever heard of

Several collections of login credentials reveal one of the largest data breaches in history, totaling a humongous 16 billion exposed login credentials. The data most likely originates from various infostealers.

Unnecessarily compiling sensitive information can be as damaging as actively trying to steal it. For example, the Cybernews research team discovered a plethora of supermassive datasets, housing billions upon billions of login credentials. From social media and corporate platforms to VPNs and developer portals, no stone was left unturned.

Our team has been closely monitoring the web since the beginning of the year. So far, they’ve discovered 30 exposed datasets containing from tens of millions to over 3.5 billion records each. In total, the researchers uncovered an unimaginable 16 billion records.

 

[GoblinCampFollower]

Well that obviously sounds really bad.... But I'm not going to panic just yet. It sounds like this 16 billion number likely contains a lot of duplication and records that were already known to be stolen in all likelihood. I'd not be surprised if there are new, not already known breaches in there yet though.

 

[Free]

Well that obviously sounds really bad.... But I'm not going to panic just yet. It sounds like this 16 billion number likely contains a lot of duplication and records that were already known to be stolen in all likelihood. I'd not be surprised if there are new, not already known breaches in there yet though.

Ummmm...from the article:

None of the exposed datasets were reported previously, bar one: in late May, Wired magazine reported a security researcher discovering a “mysterious database” with 184 million records. It barely scratches the top 20 of what the team discovered. Most worryingly, researchers claim new massive datasets emerge every few weeks, signaling how prevalent infostealer malware truly is.

“This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale,” researchers said.

 

[Essence Lumin]

It's Thursday. Probably time to reset all your passwords.

The 16-billion-record data breach that no one’s ever heard of

They say that 3.5 billion of those are most likely Portuguese. That is more than 10 records for every Portuguese man, woman and child. Seems unlikely and whatever, who is cybernews anyway?

 

[Free]

They say that 3.5 billion of those are most likely Portuguese. That is more than 10 records for every Portuguese man, woman and child. Seems unlikely and whatever, who is cybernews anyway?

Sigh... This is real, people. Here's Forbe's piece on it:

16 Billion Apple, Facebook, Google And Other Passwords Leaked

As 16 billion credentials are confirmed as having been leaked, is it time to switch from passwords to passkeys?

www.forbes.com

 

[Sid]

Oh Boy. now some people might know how to log in to this account on VVO. right?
Or SL? I would not notice that one these days.

 

[Free]

Or SL? I would not notice that one these days.

Oh, you've been one of my alts for a few years now.

 

[Essence Lumin]

Sigh... This is real, people. Here's Forbe's piece on it:

16 Billion Apple, Facebook, Google And Other Passwords Leaked

As 16 billion credentials are confirmed as having been leaked, is it time to switch from passwords to passkeys?

www.forbes.com

Whenever I go onto google news it's always Forbes that is fearmongering about internet stuff. They mainly just quote cybernews for the article above. You do realize that 16 billion passwords is twice as many as people on earth? If they are duplicated that doesn't mean anything either. 16 billion passwords duplicated a billion times is 16 passwords. They don't say. Let's take a look, from today and yesterday at Forbes nonsense.

Job Hunting Is A Trap. Use This ChatGPT Strategy Instead.

Amazon Issues Security Warning As Prime Account Hacks Surge

Google Chrome Warning Issued For All Windows Users

Why You Should Stop Using SMS 2FA Codes On Your Smartphone

 

[Free]

who is cybernews anyway?

16 billion accounts exposed in one of the largest data breaches in history — enormous data haul holds two accounts for every human alive

Cybernews, the team responsible for IDing and cataloging a significant number of previous major leaks, assembled the datasets making up this most recent 16B leak. Only one dataset in the breach, a 184 million-record batch reported by Wired, had been previously reported. The rest are all new from all over the world, including three distinct batches that held over 1 billion credentials each.

If you have to ask who Tom's Hardware is, I'm out.

 

[Free]

Whenever I go onto google news it's always Forbes that is fearmongering about internet stuff.

You don't have to believe the news about this data breach is real. That's your option.

 

[GoblinCampFollower]

You don't have to believe the news about this data breach is real. That's your option.

Personally, I definitely believe it's real. I'm a little suspicious of some of the details described in the articles, but I have no doubt there have been many big breaches. I am trying to find out more about the true source of these datasets before I just go around changing every password I have. That gets exhausting after a while...

 

[Essence Lumin]

It's just silly. Since they didn't really say anything besides effectively water is wet I don't disagree with that. Since they don't even put one line in about whether the passwords were encrypted or how many times they are duplicated it is meaningless.
cybernews is owned by mediatech who controls wellnesspulse where you can find out if
there are Real Benefits of Drinking Hot Water? as well as investor's observor where you can read why
'You’re not bullish enough'—Why Hims & Hers may be Wall Street’s most underrated weight-loss stock and a bunch of other click bait stuff.

You believe what you want to but to me it's obviously nonsense.

 

[Sid]

16 billion accounts exposed in one of the largest data breaches in history — enormous data haul holds two accounts for every human alive


If you have to ask who Tom's Hardware is, I'm out.

Is it allowed to ask WHAT Tom's hardware is though?
I honestly have no clue.

 

[Essence Lumin]

Is it allowed to ask WHAT Tom's hardware is though?
I honestly have no clue.

It's a well known site that describe themselves as for "tech enthusiasts" and "helping you make the most of computer hardware since 1996. "

 

[CronoCloud Creeggan]

It's a well known site that describe themselves as for "tech enthusiasts" and "helping you make the most of computer hardware since 1996. "

That's turned into mostly Forbes-ish click-bait anymore. Forbes isn't the quality source it used to be when it was a REAL magazine, it's like Medium now.

 

[GoblinCampFollower]

...Since they don't even put one line in about whether the passwords were encrypted or how many times they are duplicated it is meaningless.

Agreed. I'm not saying this breach isn't real, I'm just not going to panic YET.

 

[Noodles]

Oh Boy. now some people might know how to log in to this account on VVO. right?
Or SL? I would not notice that one these days.

If my posts become more coherent and start slinging dick pills without typos, then you will know it's not me just trying to scam you all for that sweet sweet dick pills money.

PS, buy some Autotestryl here. It's great!

 

[Free]

OK, mea culpa.

No, the 16 billion credentials leak is not a new data breach

News broke today of a "mother of all breaches," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks.

www.bleepingcomputer.com

News broke today of a "mother of all breaches," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks.

To be clear, this is not a new data breach, or a breach at all, and the websites involved were not recently compromised to steal these credentials.

Instead, these stolen credentials were likely circulating for some time, if not for years. It was then collected by a cybersecurity firm, researchers, or threat actors and repackaged into a database that was exposed on the Internet.

 

[Kamilah Hauptmann]

And the Winner is!

Agreed. I'm not saying this breach isn't real, I'm just not going to panic YET.

 

[Free]

And the Winner is!

Next up you'll suggest we play Global Thermonuclear War.