Latest news with #dataleak
Yahoo
2 days ago
- Yahoo
‘Passwords Data Breach' Trend Explained Amid Apple, Google & Facebook Leak
Wondering why 'password data breach' is trending online? The trend centers around a massive password leak as researchers reveal that over 16 billion login details have been exposed. Moreover, the stolen information reportedly includes usernames and passwords for popular services like Apple and Google. Without further ado, here are all the details we've gathered about the password leak that is dominating online search trends. The term 'password data breach' is trending widely online after cybersecurity researchers confirmed what is believed to be the largest collection of stolen login credentials in history. In a new discovery, 16 billion sets of credentials, including usernames and passwords, have been leaked online. The discovery was made by the research team at Cybernews, led by Vilius Petkauskas, who has been investigating this incident since early 2025. The leak appears to be the result of multiple infostealer malware attacks, malicious programs that secretly collect login data from infected devices. Petkauskas confirmed that his team had found 30 different data dumps, each containing tens of millions to billions of records. These exposed datasets are believed to be fresh and highly exploitable. Google, Facebook, GitHub, Telegram, and even government services can be impacted by this. Much of the data is organized in a basic format: website address, username, and password. This structure makes it especially easy for hackers to weaponize. Experts warn this isn't just a privacy concern, but a critical security threat. As Lawrence Pingree, a VP at Dispersive, noted, this kind of data is routinely circulated and sold on the dark web, often repackaged and redistributed. These credentials open the door to phishing schemes, identity theft, and account takeovers. (via Forbes) In response to the breach, Google has been promoting the use of passkeys as a safer alternative to traditional passwords, urging users to enhance their security practices. Meanwhile, the FBI continues to advise people against clicking on suspicious links sent via text message. Originally reported by Disheeta Maheshwari on The post 'Passwords Data Breach' Trend Explained Amid Apple, Google & Facebook Leak appeared first on Mandatory.
Yahoo
2 days ago
- Yahoo
Billions of login credentials may have leaked. Here's how you can protect your accounts
A report that independent cybersecurity news outlet Cybernews published on Wednesday claimed 16 billion login credentials were exposed and compiled into datasets online, giving cybercriminals access to accounts on such online platforms as Google, Apple and Facebook. CBC News was unable to independently verify the report, but cybersecurity experts say the incident is yet another reminder for people to regularly change their passwords and not use the same one for multiple platforms. "About three or four times a year, take those passwords that are especially in the social platforms that you use, the places you like to go, and just change those passwords and keep them fresh," Enza Alexander, executive vice-president of ISA Cybersecurity in Toronto, said. "Don't reuse what you used before. Use [passwords] that have characters and numbers and that are very unique." Alexander acknowledged this can make them harder to remember, but cycling passwords on the different platforms you use makes it harder for cybercriminals to access your accounts and find indicators of your identity. Cybernews said that duplicate records are likely to be present in the datasets, meaning it's "impossible" to determine the exact number of people whose credentials might have been exposed in the leak. The leaked records don't appear to come from a centralized breach that targeted a specific company but rather a compilation of datasets containing login credentials that were gathered over time. Cybernews said in its report that various infostealers are likely behind it. Infostealers are a form of malicious software that breaches a victim's device or systems to take sensitive information. A Google spokesperson said in a statement to CBC News that the issue did not stem from a Google data breach. Bob Diachenko, a cybersecurity researcher and Cybernews contributor who was involved in reporting the leak, posted on social media platform X noting that there was no single source of the leak. "What this number reflects is the size of different infostealers logs exposed publicly since the beginning of this year alone," Diachenko said in the post, adding that the leak signifies the large scale of "infostealers infections" today. Many questions remain about these leaked credentials, including whose hands the login credentials are in now. But as data breaches become increasingly common in today's world, experts continue to stress the importance of maintaining key "cyber hygiene." How can you protect your credentials? Alexander said that "it's difficult to understand what is accurate and what is not" about the leak, but noted that it's important for people to change their passwords if they're worried they might be affected. She also recommended that people look at different security offerings that platforms may offer, such as logging in using a passkey rather than a password. Some online services, like Google and Apple, allow users to sign in using a passkey as an alternative to using a password. This lets users sign into their accounts with a facial recognition scan, their fingerprint or a pin. In its statement, Google encouraged users to use passwordless authentication methods such as passkeys, which the company said are more secure. It also suggested using tools like Google Password Manager, which will store passwords and notify users if any of their passwords have been involved in a data breach so they can take action. "It's really important that people see if they've been affected but not overreact to the situation," Alexander said. Error while retrieving data Sign in to access your portfolio Error while retrieving data Error while retrieving data Error while retrieving data Error while retrieving data
CBC
2 days ago
- CBC
Billions of login credentials may have leaked. Here's how you can protect your accounts
A report that independent cybersecurity news outlet Cybernews published on Wednesday claimed 16 billion login credentials were exposed and compiled into datasets online, giving cybercriminals access to accounts on such online platforms as Google, Apple and Facebook. CBC News was unable to independently verify the report, but cybersecurity experts say the incident is yet another reminder for people to regularly change their passwords and not use the same one for multiple platforms. "About three or four times a year, take those passwords that are especially in the social platforms that you use, the places you like to go, and just change those passwords and keep them fresh," Enza Alexander, executive vice-president of ISA Cybersecurity in Toronto, said. "Don't reuse what you used before. Use [passwords] that have characters and numbers and that are very unique." Alexander acknowledged this can make them harder to remember, but cycling passwords on the different platforms you use makes it harder for cybercriminals to access your accounts and find indicators of your identity. Cybernews said that duplicate records are likely to be present in the datasets, meaning it's "impossible" to determine the exact number of people whose credentials might have been exposed in the leak. The leaked records don't appear to come from a centralized breach that targeted a specific company but rather a compilation of datasets containing login credentials that were gathered over time. Cybernews said in its report that various infostealers are likely behind it. Infostealers are a form of malicious software that breaches a victim's device or systems to take sensitive information. A Google spokesperson said in a statement to CBC News that the issue did not stem from a Google data breach. Bob Diachenko, a cybersecurity researcher and Cybernews contributor who was involved in reporting the leak, posted on social media platform X noting that there was no single source of the leak. "What this number reflects is the size of different infostealers logs exposed publicly since the beginning of this year alone," Diachenko said in the post, adding that the leak signifies the large scale of "infostealers infections" today. Many questions remain about these leaked credentials, including whose hands the login credentials are in now. But as data breaches become increasingly common in today's world, experts continue to stress the importance of maintaining key "cyber hygiene." How can you protect your credentials? Alexander said that "it's difficult to understand what is accurate and what is not" about the leak, but noted that it's important for people to change their passwords if they're worried they might be affected. She also recommended that people look at different security offerings that platforms may offer, such as logging in using a passkey rather than a password. Some online services, like Google and Apple, allow users to sign in using a passkey as an alternative to using a password. This lets users sign into their accounts with a facial recognition scan, their fingerprint or a pin. In its statement, Google encouraged users to use passwordless authentication methods such as passkeys, which the company said are more secure. It also suggested using tools like Google Password Manager, which will store passwords and notify users if any of their passwords have been involved in a data breach so they can take action.
Yahoo
2 days ago
- Yahoo
Billions of login credentials may have leaked. Here's how you can protect your accounts
A report that independent cybersecurity news outlet Cybernews published on Wednesday claimed 16 billion login credentials were exposed and compiled into datasets online, giving cybercriminals access to accounts on such online platforms as Google, Apple and Facebook. CBC News was unable to independently verify the report, but cybersecurity experts say the incident is yet another reminder for people to regularly change their passwords and not use the same one for multiple platforms. "About three or four times a year, take those passwords that are especially in the social platforms that you use, the places you like to go, and just change those passwords and keep them fresh," Enza Alexander, executive vice-president of ISA Cybersecurity in Toronto, said. "Don't reuse what you used before. Use [passwords] that have characters and numbers and that are very unique." Alexander acknowledged this can make them harder to remember, but cycling passwords on the different platforms you use makes it harder for cybercriminals to access your accounts and find indicators of your identity. Cybernews said that duplicate records are likely to be present in the datasets, meaning it's "impossible" to determine the exact number of people whose credentials might have been exposed in the leak. The leaked records don't appear to come from a centralized breach that targeted a specific company but rather a compilation of datasets containing login credentials that were gathered over time. Cybernews said in its report that various infostealers are likely behind it. Infostealers are a form of malicious software that breaches a victim's device or systems to take sensitive information. A Google spokesperson said in a statement to CBC News that the issue did not stem from a Google data breach. Bob Diachenko, a cybersecurity researcher and Cybernews contributor who was involved in reporting the leak, posted on social media platform X noting that there was no single source of the leak. "What this number reflects is the size of different infostealers logs exposed publicly since the beginning of this year alone," Diachenko said in the post, adding that the leak signifies the large scale of "infostealers infections" today. Many questions remain about these leaked credentials, including whose hands the login credentials are in now. But as data breaches become increasingly common in today's world, experts continue to stress the importance of maintaining key "cyber hygiene." How can you protect your credentials? Alexander said that "it's difficult to understand what is accurate and what is not" about the leak, but noted that it's important for people to change their passwords if they're worried they might be affected. She also recommended that people look at different security offerings that platforms may offer, such as logging in using a passkey rather than a password. Some online services, like Google and Apple, allow users to sign in using a passkey as an alternative to using a password. This lets users sign into their accounts with a facial recognition scan, their fingerprint or a pin. In its statement, Google encouraged users to use passwordless authentication methods such as passkeys, which the company said are more secure. It also suggested using tools like Google Password Manager, which will store passwords and notify users if any of their passwords have been involved in a data breach so they can take action. "It's really important that people see if they've been affected but not overreact to the situation," Alexander said.
ABC News
2 days ago
- ABC News
Billions of logins for sites such as Google and Facebook leaked, compiled online
Billions of login credentials have been leaked and compiled into datasets online, giving criminals "unprecedented access" to accounts, according to new research from a cybersecurity publication. The research from Cybernews revealed that a total of 16 billion credentials were compromised, including user passwords for Google, Facebook and Apple. The report said the 30 exposed datasets each contained a vast amount of login information and the leaked information did not span from a single source, such as one breach targeting a company. Instead, it appears that the data was stolen through multiple events over time and then compiled and briefly exposed publicly, which is when Cybernews reports that its researchers discovered it. Various infostealers were most likely the culprit, Cybernews noted. Infostealers are a form of malicious software that breach a victim's device or systems to take sensitive information. Many questions remain about these leaked credentials, including whose hands the login credentials are in now. Sixteen billion is roughly double the amount of people on Earth today, signalling that impacted consumers may have had credentials for more than one account leaked. Cybernews also noted that there were most certainly duplicates in the data and so "it's impossible to tell how many people or accounts were actually exposed". As more information comes to light, experts continue to stress the importance of maintaining key "cyber hygiene." Some things you can do to prevent your data from being exposed include changing your password — and avoiding using the same or similar login credentials on multiple sites. Password managers or pass keys exist if you find it too hard to memorise all your different passwords. Multi-factor authentication can also serve as a second layer of verification through your phone, email or a USB authenticator key. AP
