A newly discovered leak, comprising of at least 16 billion credentials, has been discovered across multiple large datasets. The billions of login credentials exposed in this breach range from sites including social media, VPNs, developer portals, and user accounts for almost all major suppliers. None of these datasets had been previously reported as compromised, meaning this is entirely new and previously undisclosed login information.
It has been claimed that this huge leak of login credentials is down to infostealer malware. These malicious programmes quiet collect data from infected devices, unknowingly installed following the user mistakenly opening the digital front door to their system.
This can be through clicking a link in an email, downloading a file from the internet, installing fake browser extensions to name a few techniques. The majority of the data was presented in the form of a URL, followed by login information and password. This provides almost instant access to an unprecedented number of online services, from social media, cloud products and search engines, to official government sites and services.
Staying safe online is more crucial than ever. To protect yourself, immediately change your account passwords, start using a reliable password manager, and embrace passkeys wherever they’re available. Most importantly, don’t wait for your personal information to surface in the endless stream of leaked data, be proactive and protect your privacy.
What You Should Do:
- Change your passwords immediately, especially for important accounts like banking, email, and social media.
- Use strong, unique passwords for every single online service. Don’t reuse passwords!
- Enable multi-factor authentication (MFA) wherever possible. This adds an extra layer of security, like a code sent to your phone, even if your password is stolen.
- Consider using passkeys for services that support them. Passkeys are a newer, more secure way to log in that often doesn’t require a password.
- Use a reliable password manager to help you create and store strong, unique passwords.
- Be very careful about clicking on suspicious links in emails or text messages, as these could be phishing attempts.
