Internet Users Urged to Update Passwords After Massive Data Leak

The records include login details for Google, Apple, and Facebook, but no centralized breach at these companies; the data was collected via malware on users’ devices.

Published on: June 22, 2025

Edited on: June 22, 2025

London: Internet users across the globe are being urged to strengthen their digital security after researchers revealed that up to 16 billion login credentials were briefly exposed online.

The discovery was made by cybersecurity researchers at Cybernews, a technology publication, which found 30 datasets containing sensitive user credentials harvested through malicious software known as ‘info stealers’ and previous data breaches. Though the datasets were only accessible for a short time, experts warn they could be a blueprint for mass exploitation.

The records reportedly include login details linked to major platforms like Google, Apple, and Facebook, although there is no evidence of a centralized breach at any of these companies. Instead, the credentials appear to have been gathered through malware attacks on individual users’ devices.

DATA LEAK — Rep Image |Image courtesy: Getty Images/iStockphoto

Massive Exposure, Uncertain Impact

The data was found by Ukrainian cybersecurity specialist Bob Diachenko, who said the files were temporarily left unsecured on remote servers before being taken offline.

Diachenko confirmed he had downloaded the files and was working to contact affected companies and individuals.

The exposed records followed a clear format: a login URL, followed by a username and password. While researchers couldn’t confirm the exact number of unique victims owing to overlaps in the data, the sheer volume underlines the scale of sensitive information that remains vulnerable to cybercriminals.

Google, whose login credentials appeared in the exposed logs, denied any direct breach of its systems.

composite of hands using smartphone with padlock background — Rep Image |Image courtesy: Wavebreak Media/ UNDP

A Wake-Up Call for Cyber Hygiene

The report serves as a stark reminder of the importance of digital self-defense. Users are advised to:

Change passwords immediately, especially if reused across platforms
Enable multifactor authentication (MFA) wherever possible
Use password managers to generate and store strong, unique credentials
Visit haveibeenpwned.com to check if their email addresses were involved in a known breach

Alan Woodward, professor of cybersecurity at the University of Surrey, said the exposure illustrates the need for regular password spring cleaning and broader adoption of zero-trust security frameworks.

ALSO READ | India Rules Out Revival of Indus Waters Treaty with Pakistan

News Desk

The above news/article was published by a News Bureau member at indoarabnews who sourced, compiled, and corroborated this content. For any queries or complaints on the published material, please get in touch through WhatsApp on +971506012456 or via Mail(at)IndoArabNews(dot)com