184 million accounts just leaked, yours could be next

Kim Komando ^ | May 31, 2025 | By Kim Komando

[dennisw]

Hackers just hit a massive jackpot: 184 million accounts across Apple, Google and Microsoft were exposed in a sweeping data breach. I’m talking email addresses, usernames, passwords, device info (the whole buffet), now up for grabs on the dark web.

Before you say, “I’m safe, I use strong passwords,” or “I’ve never been hacked,” take a second to think. These weren’t obscure services. This breach hit the biggest names in tech. Household-name-level oopsie.

If your login credentials got caught in the cross fire, hackers are already trying to use them to break into your other accounts.

The hidden risk It’s so easy to click “Save Password” in Chrome, Safari or Edge. But if your browser can autofill your logins, so can anyone else with access to your device. Hackers know this. That convenient feature could be the weakest link in your entire digital life.

Google and Apple both offer built-in password managers. But are you really comfortable trusting the same companies that monetize your data with your most sensitive logins?

Here’s what makes this breach different This was a perfect storm for credential stuffing. That’s when criminals take one exposed password and try logging into thousands of other accounts. If you’ve ever reused a password, you’re vulnerable.

Your Netflix password might not seem like a big deal, until they use that same password to drain your PayPal or breach your health records. So go change all your passwords. I’ll wait.

[Poser]

I use LastPass for passwords. I would never print them. I just save a list of the vendors that I have used my credit card as payment. That way, when one of my vendors gets hacked I can get a new card and pretty quickly update to the new numbers.

All of my financial, banking, and credit card suppliers have unique passwords and 2 factor verification where possible. Even my email account uses 2 factor verification every 90 days or when an unknown device accesses the account.

Unless I do something stupid, only my vendors can screw up one of my two credit cards. I only use my debit cards in person at the bank. I’m sure there will be new and better ways for bad actors to hack my accounts in the not too distant future. Oh well... C’est la vie.

[dayglored]

The only browser I have ever stored passwords in is Firefox, because it lets me set a master password to encrypt its database of my passwords. Chrome does not have that option.

I have used KeePass on Windows and Linux, and its equivalent MacPass on macOS, as my password manager for many years. Portability between operating systems is critical to the way I work. And being able to make backup copies of the password archive file is also critical.