Posted on 06/19/2025 11:46:28 AM PDT by servo1969
The researchers, from the cybersecurity firm Cybernews, initially found a database containing 184 million records sitting unprotected on a web server last month. However, as they delved deeper, they realized that this was just one of many unsecured databases full of private information. Further investigation revealed an additional 29 datasets, each containing tens of millions to over 3.5 billion records. In total, the researchers uncovered a staggering 16 billion records, making this one of the biggest stolen login discoveries of all time.
What sets this breach apart from others is the freshness and organization of the data. The researchers emphasized that these are not just recycled old breaches, but rather “fresh, weaponizable intelligence at scale.” The neatly structured data, which includes URLs, usernames, and passwords, points to infostealers as the likely source. Infostealers are a type of malware specifically designed to collect login credentials in this exact format.
The implications of this breach are far-reaching and deeply concerning. With access to such a vast number of login credentials, cybercriminals can easily carry out account takeovers, steal identities, and launch highly targeted phishing campaigns. Apple accounts, which are among the exposed credentials, are particularly worrisome, as they can be used to access a wide range of sensitive information and services, including iCloud, Apple Pay, and the App Store. Other logins reportedly included in the massive datasets include Google, Facebook, instagram, Amazon, and many other popular web services.
(Excerpt) Read more at breitbart.com ...
Google, Amazon, Apple, email, financial, EVERYTHING. They are all likely compromised whether or not you have experienced any funny business. Even your password for Free Republic. Can't hurt.
And try to use very strong passwords if you can. Something like this: zLD8XeRqUn~>50s8
“What sets this breach apart from others is the freshness and organization of the data. The researchers emphasized that these are not just recycled old breaches, but rather “fresh, weaponizable intelligence at scale.”
Because they came from one collective source. U.S. Government Intelligence.
Strong passwords don't protect you from data breaches. Just from someone trying to hack you directly.
If given the opportunity to do so, use Multifactor Authentication. Strong passwords alone won’t do the trick.
#$@% %&^ son of a #$$%#^.
I JUST CHANGED all of my numerous passwords after the last big recent data breach. MFer. Now I have to do it all again.
“Computers will make you life easier”, they said.
“Computers will cause far less problems,” they said.
MFers!!!!!
My passwords are already very long and strong. What good is that when hackers just download them all off a list?
I may say “screw it” and finally go with the USB key method of logging in. I am sure that will be hacked eventually as well, but it sound like at least I won’t have to change all of my passwords every 2 months or less.’
I am bugged to use passkeys, which is likely less secure.
The site also offers a tool to find out if your password has been part of any data breaches. However it won't tell you which sites the password was found on, since this could make it possible for someone to piece together a username and password that hasn't been changed yet.�
HIBP's list of sites where your account has been breached isn't comprehensive, especially if you've re-used a username and password combo on multiple sites. For example, if your login info for Dropbox was breached in the company's 2016 hack, an attacker could try it on other sites in the hopes that you reuse your username and password.
- https://www.pcmag.com/how-to/how-to-find-out-if-your-password-has-been-stolen
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.