The figure is staggering: 16 billion stolen credentials were gathered and then published in a structured form on a forum specializing in cybercrime. Experts believe this is not a compilation of old, already known databases. The alert issued by Cybernews is based on fresh data, mostly obtained via infostealer malware, capable of sucking up credentials stored in unprotected browsers or password managers.
The data in question was organized into around thirty separate sets, one of which alone is believed to contain nearly 3.5 billion lines. Inside, we find thousands of targeted platforms, ranging from web giants like Google, Apple, Facebook, and GitHub, to sensitive services such as banks, encrypted messaging services, VPNs, and even government services. Many digital identities are at risk of massive hacking, with all the consequences that this can entail.
A working database
Unlike some past leaks, where the data was often incomplete or outdated, the corpus discovered this time is described as exploitable, structured, and "ready to use." In other words, it represents a veritable toolbox for cybercriminals. In short, these credentials can be used to:
- launch credential stuffing attacks (automatic testing of millions of logins on various sites),
- hack personal or professional accounts,
- bypass poorly configured security systems,
- deploy targeted ransomware after an initial infiltration,
- or even steal the identity of victims as part of online scams.
Certain payment services such as Alipay or WeChat are among the identified targets, which suggests the possible level of sophistication of future attacks, particularly in professional environments, banking services or messaging applications.
The data was not all obtained in the same way because the researchers mention several collection vectors: infections by infostealer-type malware, resales of databases from previous leaks, data collection via dubious browser extensions, or targeted phishing. Added to this is the growing trend of exploiting human vulnerabilities, particularly through password reuse across different services.
In many cases, victims are unaware that their machine is compromised, as infostealers operate discreetly in the background. Once the information is collected, it is aggregated on clandestine servers before being resold or published, as here, on a very large scale.
How to protect yourself?
Given the scale of the threat, specialists are calling for an immediate strengthening of good digital security practices. The first priority: change your passwords, especially those related to critical services (email, bank accounts, social networks).
Using a secure password manager is strongly recommended to generate unique and strong passwords. Most experts also stress the importance of enabling two-factor authentication (2FA) wherever possible, and even switching to passkeys when platforms allow it. These newer security systems significantly limit the risk of credential leaks because they make login dependent on a device or biometric validation.
It's also worth checking whether your email address is in a compromised database by consulting services like Have I Been Pwned or Firefox Monitor. Even if the recently released database hasn't yet been integrated into these tools, this allows you to measure your past exposure.
0 Comments