Key Takeaways:
- Researchers have uncovered a breach involving more than 16 billion login credentials from platforms including Apple, Google, Facebook, Telegram, GitHub, and various government services.
- The datasets appear to be newly collected—not recycled from prior breaches—and may have been obtained through infostealer malware campaigns.
- Experts are urging individuals and organizations to take immediate security precautions, including changing passwords and enabling two-factor authentication.
A new cybersecurity analysis has revealed what may be one of the largest collections of stolen login credentials ever compiled. The breach comprises over 30 datasets containing approximately 16 billion username-password combinations, impacting a wide range of services used globally.
According to the research team that discovered the breach, the credentials were likely harvested through “infostealer” malware—malicious software designed to quietly extract saved passwords, session tokens, and browser autofill data from compromised devices. The datasets were found temporarily available online, which suggests rapid and uncontrolled dissemination.
What sets this incident apart is not just its scale, but the apparent freshness of the data. Unlike many public leaks that contain older, already-reset credentials, this collection appears to include current and usable login information. That significantly increases the risk of credential-stuffing attacks, phishing, account takeovers, and business email compromise.
Key Details
- Affected services include major tech platforms, cloud repositories, social apps, and government portals.
- Many of the credentials were likely obtained through infected personal or enterprise endpoints.
- The exposed data includes passwords, email addresses, and in some cases, session cookies and authentication tokens.
Recommended Actions
Cybersecurity professionals and consumer protection groups are advising immediate steps to limit exposure:
- Change passwords on any major accounts—especially those reused across multiple platforms.
- Enable two-factor authentication wherever possible, preferably using an authenticator app or hardware token.
- Use unique passwords for each account, ideally stored in a secure password manager.
- Monitor for suspicious account activity and consider enabling login notifications on critical services.
Industry experts also point to this breach as a reminder of the urgent need to transition to passwordless authentication methods. Tech companies like Google, Apple, and Microsoft have been rolling out passkey support, which allows users to authenticate using biometric or device-based methods that are more resistant to phishing and theft.
Organizations are being encouraged to reevaluate their security posture as well. That includes reviewing endpoint protection, deploying credential monitoring services, and running phishing simulations and employee awareness campaigns.
Bottom Line
With billions of active credentials potentially circulating on criminal forums, this breach underscores how critical it is to maintain strong security hygiene—both personally and professionally. The most effective way to stay protected is to reduce reliance on passwords, use multifactor authentication, and act quickly when new threats emerge.
Aside from his role as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026, Rich Tehrani is CEO of RT Advisors and a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.
Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing.







