Accessibility links

Facebook   X   LinkedIn   Email

Yep. You Read That Right—16 Billion Records Exposed

July 28, 2025

You've probably seen it in the news. The cybersecurity outlet Cybernews revealed a colossal compilation of 16 billion login credentials leaked online, making it one of the largest data exposures in history. This massive treasure trove, distributed across 30 separate datasets, includes usernames, passwords, session tokens, and metadata such as URLs—likely harvested via infostealer malware from infected machines.

What accounts were affected?

The leak isn’t tied to a single platform breach, but spans a wide array of services—including Apple IDs, Google accounts (Gmail/YouTube), Facebook, Instagram, Telegram, GitHub, and even government credentials. However, duplicates likely inflate that 16 billion figure, as there’s no way to know exactly how many unique accounts were compromised.

An infostealer is a type of malware that secretly sneaks onto your device and steals your personal information—like your logins, passwords, credit card numbers, and browser data, to name a few.

Think of it like a digital pickpocket: once it’s on your device, it quietly watches what you type and/or collects saved info. It then sends that data to hackers who can use it to steal your identity, break into your accounts, or sell your info online.

Infostealers often get in through fake emails or websites, via downloaded sketchy files or apps, or by clicking pop-ups or ads that hide malware. Infostealer toolkits deployed on malware-ridden devices secretly siphon information, enabling attackers to take over accounts—even bypassing multi-factor protections in some cases.

What you should do now.

  • Change passwords on all critical services—prioritize email, banking, and social media.
  • Use unique, strong passwords across platforms—never reuse them.
  • Enable multi-factor authentication (MFA) everywhere. Most apps and websites offer this now.
  • Regularly monitor accounts for suspicious activity.
  • Ensure that antivirus/anti-malware is installed and kept updated. Perform regular scans to detect infostealer infections.

This massive discovery highlights the critical importance of cyber hygiene in the digital age. Whether you're a casual user or a business executive, these leaked credentials may already be circulating on the dark web. Prompt and proactive protection is essential—don’t wait for the next breach to strike.


Ways To See If Your Data Has Been Stolen

Education

Ways To See If Your Data Has Been Stolen

With all the data breaches, whether by intrusion or accident lately, it’s likely your information was exposed somehow to someone you didn’t intend. After all, the marketing company Exactis, exposed hundreds of traits on us in 350 million records. Yahoo let out email addresses and passwords on billions of people, and of course who can forget the massive breach of Equifax just last year. There is a lot of information that gets leaked on us and the more the bad actors have on us, the more targeted their phishing campaigns can be. Checking on whether or not your data is available in the underground can help you mitigate any fraud or identity theft. READ FULL STORY
Has Your Account Been Compromised? Five Cyber Smart Tips Everyone Can Use

Your Security

Has Your Account Been Compromised? Five Cyber Smart Tips Everyone Can Use

The transition to living life through our devices has become very real for scores of people and businesses. By now, the coronavirus has changed our lives in ways we never expected. This transition includes doing most things from home. Unfortunately, adapting to online life also gives bad actor’s a cornucopia of targets to exploit. There are proactive steps to take when you suspect an account may be compromised, including ways to help keep it from happening to begin with. READ FULL STORY
FBI Warns of Cookie Theft Leading to Stolen Email Accounts

Your Security

FBI Warns of Cookie Theft Leading to Stolen Email Accounts

It’s a Muppet nightmare! Recently, the FBI issued a warning about cybercriminals increasingly using stolen browser cookies to bypass multi-factor authentication (MFA). They specifically pointed out the theft of said cookies for AOL, Gmail, Outlook, and Yahoo email users. However, don’t be fooled by that. Anyone storing cookies for any website, email or favorite online shopping websites are at risk. Once attackers obtain these morsels of goodness, they can hijack sessions to impersonate the victim. READ FULL STORY
Common Signs Of Phishing To Keep In Mind When Your Inbox Overflows

Scams & Phishing

Common Signs Of Phishing To Keep In Mind When Your Inbox Overflows

With email phishing, deciphering what’s real from what’s fake can be a challenge. Our inboxes are stuffed with emails fighting to get our attention and get us to take some action. But how to ferret-out what’s legitimate takes some cyber-smarts. Research shows email is the primary method of spreading 92% of all malware, and the U.S. is the target of 86% of all email phishing attacks. Whether at home or at work, email phishing is relentless, but being aware of characteristics they have in common can be a powerful tool. READ FULL STORY
Crypto Wallets Hacked Through Windows Vulnerability

Mobile Security

Crypto Wallets Hacked Through Windows Vulnerability

The security of crypto wallets has been a question mark for some time. And now, there's a Windows vulnerability leaving users infected with a previously unknown infostealer that's draining crypto wallets. It's called Phemedrone Stealer and malicious campaigns are exploiting this Windows vulnerability to steal crypto wallet contents and other sensitive information from victims. The attackers use malicious .url files to download and exploit the vulnerability that bypasses checks and warnings from Microsoft Defender. READ FULL STORY