Historic 16 billion password leak exposes global vulnerability

A massive data breach has exposed over 16 billion login credentials, making it one of the largest-ever such incidents in internet history. The Cybernews team, led by Vilius Petkauskas, has been investigating the incident since early 2025. They’ve uncovered 30 datasets ranging from tens of millions to over 3.5 billion user credentials each, covering accounts from Google, Apple, Facebook, GitHub, Telegram, government services, VPNs, and more.

“It was a hack attack of epic proportions.”

Security analysts stress that this isn’t just a regurgitation of past leaks—it’s fresh data, well-structured for malicious use, and primed for phishing, identity theft, account takeovers, and blackmail.

Why is this worse than you think? Well, 16 billion credentials is roughly double the Earth’s population—so obviously duplicates exist—but the fact that it’s spread across 30 separate data dumps means huge reach. Experts say these are new, weaponizable intelligence records, not just recycled from past incidents; moreover, data comes from infostealer malware, which quietly harvests browsing login credentials—cookies, tokens, passwords—straight from infected devices.

Nrupesh Soni

We asked digital and cybersecurity specialist Nrupesh Soni for his take. He stressed that it is extremely high priority for individuals to change their passwords and avoid using the same one across multiple platforms, warning that reusing passwords is one of the easiest ways for hackers to gain access to personal accounts.

What you must do now

1. Reset passwords on all your accounts, especially critical ones.

2. Use a password manager to generate and store strong, unique passwords.

3. Enable multi-factor authentication (MFA)—passkeys are even better where available.

4. Check the compromised status of your credentials via services like Google Security Checkup or “Have I Been Pwned.”

5. Be extra vigilant against phishing, especially SMS-based or email-linked scams flagged by authorities like the Namibian Police.