Urgent password change urged after 16 billion credentials found online
Internet users are being urged to change their passwords and bolster their online security after cybersecurity researchers discovered 16 billion login credentials in publicly exposed datasets — a trove that could be used by criminals to hijack everything from social media accounts to email logins.
Did Your Passwords Take a Wild Ride?
It turns out that the internet’s “free‑for‑all” password buffet is still serving up leftovers. In a recent deep scan by Cybernews researchers, a stash of 30 separate data sets came to light, all featuring credentials gathered by sneaky programs called infostealers, plus some vintage breach loot from the past. Even if many of those accounts are duplicates or already circulating in the shadows, the sheer volume is enough to make anyone clutch their keyboard.
What’s on the Menu?
- Facebook, Google, Apple accounts could be compromised—none of those giants suffered a fresh breach, but the data trickled in via malware that grabs logins straight from browsers or password managers.
- Botched server configurations gave hackers a window; the data vanished after a quick takedown by the researchers.
- According to Bob Diachenko, the Ukrainian cyber‑security specialist who led the investigation, over 85 % of the dump came from infostealer logs, and the rest from legacy breaches like LinkedIn’s in 2012.
Why It’s Serious
The format is alarmingly simple: URL → username → password. If you use the same password for every account, one cracked login opens the whole buffet. The data opens doors for account hijacks, phishing, and identity theft. If you reuse passwords time and again (like most of us), you might just be walking straight into trouble.
Corporate Responses
- Google: No breach on their side; they urged users to lock down their accounts with password‑manager tools and the new passkey system.
- Meta & Apple: Quiet on the front lines so far.
- Darktrace’s Toby Lewis: Infostealers are still very real and in use. Instead of capturing log‑ins directly, they can scrape browser cookies, a route that bypasses passwords altogether.
- Peter Mackenzie of Sophos: The leak isn’t new, but it’s a stark reminder of the murky data out there. Now’s the time to change passwords and enable MFA.
Take‑Action Checklist
- Switch your passwords immediately—especially if you’re repeating them.
- Add a second (or third) factor wherever you can.
- Use a password manager that crafts unique, strong passwords.
- Check if your data shows up on HaveIBeenPwned (no link, just eyeball it).
Alan Woodward of Surrey University calls it a perfect prompt for a password spring cleaning. He reminds us why zero‑trust security is trending: no device or user is assumed to be safe. If one compromised account can unlock your email, bank, or private messages, we’ve got to keep our guard up. The exposed datasets, taken down quickly yet still dangerous, serve as a blueprint for mass exploitation, so let’s not be complacent.
In short: Keep your passwords fresh, your MFA on, and never underestimate a single compromised login.

