Sixteen Billion Login Credentials Have Been Leaked in The World’s Largest Known Data Breach

Sixteen billion login credentials have been leaked in the world’s largest known data breach, affecting major platforms. The breach includes usernames and passwords, reportedly aggregated and exposed online. It is suspected that misconfigured cloud storage or info-stealer malware - delivered via phishing emails, malicious downloads, or software vulnerabilities - may have played a role in the exposure.

To protect yourself:
  1. Change your passwords to strong, unique ones for each account.
  2. Enable two-factor authentication (2FA) wherever possible.
  3. Regularly monitor your accounts for suspicious activity and stay informed through trusted sources.

Impacted or likely affected services include:
  • Apple
  • Google
  • Social media like Facebook, Instagram, Twitter/X
  • Telegram
  • GitHub
  • Free email services like Outlook, Yahoo Mail
  • eBay, Amazon and other e-commerce sites
  • PayPal & other financial services
  • WhatsApp and potentially other messaging services
  • Other potentially impacted platforms may include social media (e.g., Twitter/X, Instagram), email providers (e.g., Yahoo, Outlook), e-commerce sites (e.g., Amazon, eBay), financial services (e.g., PayPal), and messaging apps (e.g., WhatsApp).
These are usually not the old hacks.

Source: 16 billion passwords exposed in record-breaking data breach, opening access to Facebook, Google, Apple, and any other service imaginable

Comments

  • +16

    Worth noting this is NOT a new breach or leak, but a recent repackage of old data from infostealers and past breaches.

    So there's no need to panic immediately but do enable 2FA and check https://haveibeenpwned.com regularly.

      • +11

        Why cite newscorp article ???
        Their journalists == even high school students could do better.

        If want credible source == proper IT news site (who is in the know) … or proper journalism website.

        Certainly NOT newscorp trash.

        • -2

          Added a better source at the top. Noticed from news corp and X to start with. Found better source afterwards

            • @2025: Cybernews and others disagree. The best from consumer pov is always to update their own credentials irrespective of whether it is new or old. Once an identity is lost, it is extremely hard to get back including the money lost. Often the money lost is not recoverable, especially if it comes to crypto

              • @welcomeUniverseWorld: You do realise cybernews is the original source on this?

                I was just sharing a reputable and accountable link, that’s all.

                There is a real risk of password fatigue, and these types of things don’t help. In fact, latest guidance from NIST around changing passwords is this:

                Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.

                This is exactly what the news story is doing. There is no evidence of a new compromise, and while they aren’t the verifier, they are freaking people out into changing passwords. They are happy to post screenshots backing up their claim that they found it, but can’t do the same to prove it’s new data.

                Maybe your neighbour or nanna or whoever changed their password when the actual breach happened, but now, with this not news story being spread like rumours, they’ve changed it again, but inadvertently they’ve changed it back to what she had at the time of the actual breach.

                Imagine someone got an old phone book from NSW, then one from VIC, merged them together, and released it. And you find this list, and make a news story about it. This is basically what happened here.

                While keeping online security at the front of everyone’s mind is commended, I take issue with the alarmist nature of this. Initiatives like the recent “World Password Day” are frictionless and stress free ways to remind people of their responsibilities.

                • @2025: Most applications nowadays only allow passwords that are not the same as the last three. It is for at least the ones I build. Most pen tests will bring that out on a website. And most modern sites will go through regular pen tests.
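
Added example, not part of any comment in this thread: a verifier-side sketch of the NIST rule quoted above, where password age never forces a reset but a match in a breach corpus does, and a replacement password is refused if it is itself in the corpus. The function names and the constructed corpus are assumptions made for illustration; `offline_range_fetch` mimics the `SUFFIX:COUNT` response format of the Pwned Passwords range lookup run by haveibeenpwned.com so the code runs offline.

```python
import hashlib
from typing import Callable

# Constructed sample corpus (password -> times seen); not real leak contents.
CONSTRUCTED_LEAK = {"Summer2019!": 41, "nanna-old-pw": 3}


def _sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def offline_range_fetch(prefix: str) -> str:
    """Offline stand-in for a range query: returns 'SUFFIX:COUNT' lines
    for every corpus hash that starts with the 5-character prefix."""
    rows = []
    for password, count in CONSTRUCTED_LEAK.items():
        digest = _sha1_hex(password)
        if digest.startswith(prefix):
            rows.append(f"{digest[5:]}:{count}")
    return "\r\n".join(rows)


def breach_count(password: str,
                 fetch: Callable[[str], str] = offline_range_fetch) -> int:
    """k-anonymity lookup: only the first 5 hex characters of the SHA-1
    are handed to `fetch`; the suffix comparison happens locally."""
    digest = _sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch(prefix).splitlines():
        candidate, _, count = line.partition(":")
        if candidate.strip().upper() == suffix:
            return int(count)
    return 0


def must_change(current_password: str, age_days: int,
                fetch: Callable[[str], str] = offline_range_fetch) -> bool:
    """Verifier-side rule from the quoted guidance: password age never
    triggers a reset, evidence of compromise always does."""
    del age_days  # accepted only to show that it is deliberately ignored
    return breach_count(current_password, fetch) > 0


def accept_new_password(candidate: str,
                        fetch: Callable[[str], str] = offline_range_fetch) -> bool:
    """Refuse a replacement that is itself in the corpus, which covers the
    case of switching back to a password exposed in an earlier breach."""
    return breach_count(candidate, fetch) == 0
```

In a real verifier `must_change` would run at login, the only moment the plaintext is available, and `fetch` would be replaced by an HTTPS call to the range service.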

    • -4

      Agree
      And 16 Billion?
      What are the chances of your details coming up?

      Just change passwords and use 2FA

      • -1

        The chance is high. Yes, change passwords. Always use 2fa. Try using 2fa associated with Google auth or Okta auth or microsoft auth or similar rather than using sms.

        Few years back my identity got hacked. Hence, I know the trouble very well. I have updated most of my passwords.

    • Do you know of something similar for phone numbers to see if someone is in the breach list?

  • Also worth noting we all, as a society, collectively walked into this outcome years ago. Long before we took action to avoid. BUT! successive Strayan govts should be re hot reamed for allowing unknown, unnamed, non-vetted, non-police checked offshore support models.
    ISPs, telcos and banks enabling full access to sensitive data for decades, just to boost profits. Horse has well & truly bolted.
    Philippines, India, S Africa etc. What a joke/nightmare.

    • +2

      Wut.

    • I agree

    • +1

      Cheap labour. Can't live with them can't live without them.

    • Can't wait till 'mygovID' becomes mandatory! Not.

      • Can't wait till 'mygovID' becomes as mandatory as possible! Not.

        FTFY ;)

  • -1

    '#FAKE_DRAMA

    • -1

      Source https://cybernews.com/security/billions-credentials-exposed-…

      Not fake. I already noticed login tries from Manila, Dubai, Ukraine and other places. You do yours. I am changing all. I have 2fa anyway

      • -1

        I didn't say the news was fake.

        In 2025 if internet users aren't using complex passwords and 2FA then they are just asking for trouble.

      • +2

        Fake or not, it is an excellent reminder about online cyber security. Thanks for the write up and sharing OP.
        Point 1 in protecting yourself could also include a suggestion to use a password manager, like Bitwarden (cloud) and KeePassXC (local).

      • Not fake. I already noticed login tries from Manila, Dubai, Ukraine and other places.

        I mean this has already been happening to me and most likely everyone else.

        unsuccessful sign in every 30 mins to 1 hour. every time from a different location. endlessly.

        the thing is there is no alert or anything, because it was unsuccessful. so most people don't know that it's been happening for years. I randomly found out one day while browsing all the account settings. noticed an endless list of attempts. tbh it's so long I cbf scrolling but must be years.

        to me it just means someone has your email, and a bot is trying to brute force their way in by trying every single combination possible ( I saw a diagram on this which shows exactly how long it takes for them to brute force depending on how you made your pw - can range from few hours to years).

        use 2FA yes.

        • Been happening for years. It seems to be mainly in Northern Hemisphere day time so often see a list of requests for digital codes in my 2FA back up account in our morning. Change the PW and you will effectively rinse and repeat as the next wave of brute force hacks arrive. 🤔

          • @Ade99:

            It seems to be mainly in Northern Hemisphere day time

            yeah I just recognized some of the ones in OP's comments. just all over the place. to me it meant it's clearly not a person, but a bot.
            or maybe a bunch of bots that switch their location every attempt.

      • 2FA was great, but soon it will be less than nothing, once AI is fully added to the hacking tools, with MitM, smishing, sim swap attacks or, emulate the 2FA process remotely.

  • +1

    anyone else have the feeling that the internet itself is being cyber attacked just recently?? (like amazon/google cloud service??)

    certain websites just hang and don't load. ozb is one idk why. doesn't happen all the time just occasionally.

    camels price check for amazon sometimes doesn't work on a regular basis.

    keep getting "are you human?" pages loading on multiple sites for no reason. usually only happens when you use a "new" browser or device.

    • +1

      Possibly.
      Now would be the most viable time of all. With the tech at hand, being in the hands of the lunatics in control. Right across the globe there are players who need exactly that level of control. Just the fact Trump's power with Musk's wealth and access to tech (eg Starlink is almost a planetary net now. How many billions are on X or its downstream tentacles?) And almost all of the world's data has been openly conglomerated by now. So yep, Easy peasy.

      • +2

        have you noticed some oddness as well just recently in the last week?

        like the internet just isn't working smoothly. it's affecting enough sites for me to notice how it's slowing down the browsing experience.

        as someone who appreciates apps this experience using the browser for certain websites is like over the top caution. like it's doing extra checks or something and that requires an extra tap from the user to take you to the website..

        for anyone wondering. yes internet is fine btw. everything else (apps etc) work just like normal. youtube loads as normal never freezes on ads. I have a few WiFi devices that would bug out with internet connection problems but they are fine.

        • -1

          Probably. But I haven't dug into it. I just walk away and come back later. But the frequency of that has increased.
          I mean given there's dozens of ghost ships anchor dragging the worlds web cable network, it makes sense the same players are using other MO's to disrupt or intrude or drain.

          • @Protractor:

            I mean given there's dozens of ghost ships anchor dragging the worlds web cable network,

            yeah I heard or read about that somewhere. I think giant sea floor cable connecting US to Europe or something got cut. a lot of things I don't understand (economy, stockmarket etc) went wrong.

        • I've noticed, I was surprised that nothing seems to be in the news about it.
          I thought it might be related to that Cloudflare issue? But I have no idea. It seems to be a bit better now than it was earlier in the week.

          • @Kail: They have finished the auction of the 16B logins. It was very hot for a few days.

          • @Kail: probably just your average govinment bought malware service that started making its own decisions thanks to being integrated with ai. 😂
            it's all the rage now, oh photoshop? now integrated with ai. oh logitech keyboard software? now integrated with ai (i'm serious about this one. why does my keyboard software have to be integrated with ai). human pilotless autonomous fighter jets? now powered by chatgpt. 😂

            nothing really surprising about it after I saw that north korean brother nerfed by unwilling participants who thought they were on a game show. 🥴

            • @n3ck3ntry8bort0rgasm: I reckon if Trump goes full scale mega bunker bomb on Iran, or gets involved, all the tech boys and AI will get involved and the conflict will go gang busters for years, in any case. Musk will be the lead Oberleutnant. They think it's all a game. The paybacks will be long and hard and far and wide. It always is.

              • @Protractor: I mean the push for autonomous machines that are designed to nerf and difficult to eliminate is real.

                saw that fully autonomous fighter jet released recently. it will definitely be coming to a war real soon. I hear they are already using mounted weapons that identify targets and fire all by themselves. in certain conflicts in middle east (don't really want to start this subject). you will never see it come out media is focusing all on the use of drones to nerf. their latest change in reporting is "now they are using fibre optic cable on a spool so their signal can't be blocked before reaching target." like cmon we know what kind of f'ed up s*%# is being beta tested on actual humans in war. that's what it's all about isn't it? selling these "new" weapons.

                oh btw not even getting into the gene editing super human s&^$. they are growing those embryos.

                • @n3ck3ntry8bort0rgasm:

                  "now they are using fibre optic cable on a spool so their signal can't be blocked before reaching target."

                  Here's an interesting youtube video tangentially related to this. We'll probably need some very dedicated citizen engineering in this area soon.

                  • @tenpercent: yeah I saw the EMF defensive weapon video pretty sure it does the same thing but probably covers a much bigger area and uses multiple ways to disable them. some kept secret of course otherwise it wouldn't have the edge and countries wouldn't buy it.

                    my first exposure to actual video of what was happening was those poor terrified north korean soldiers sent to fight. like their faces of terror as this random drone approaches at super high speed and you realise that was their last moments. no gore of course because the drone camera gets turned into mist as well it just cuts to static. the media is brutal showing their last moments like that. 😂

                    if you want to get a feeling of what it would be like to be walking around being a soldier and having a flying nerf cannon coming for you. watch this recent video of ai drone pilot beating the top human drone pilot. https://youtu.be/yz2in2eFATE

          • @Kail: News is busy with Iran & Israel including what the orange man will do. This is likely not in top 10 for them now.

        • Maybe they're just switching all the systems over, getting ready to require real time biometric digital identity verification to access the internet and banking & other services.

          Maybe preparing for the Cyber Polygon or Cyber Pandemic operation to go live?

          How else are they going to push "mankind to undergo fusion of physical, digital and biological identity".

    • +5

      I keep getting this page when trying to log in to OzBargain.

      • -1

        yeah there is malicious captcha going round as well apparently.

        it will most likely only fool elderly people. but after captcha it asks you to do like "windows key + H" shortcut and do a few other suss things. opening you up to being attacked (open portal to bad guys). if you used a computer you will probably notice something isn't right after the captcha.

        • Wooooooooooooooooooooooooooooooosh

          • -1

            @MS Paint: okay not sure what that word means but happy for you. 🙏🙂

          • @MS Paint: Did you just have a multiple o spasm?

            • @Protractor: on the phone all I saw was woooooooooooooooooo- and then blocked by the edge of the phone because their word for dramatic effect was too big.

              so uh I just thought they were drunk/having a good time.

  • If so, why did not hear anything about from Russian and Chinese comrades and trustable hackers!

    • -2

      Oooh yes, because the Yanks wouldn't do Nefarious things. LOL
      White hat good, black hat bad?

  • +1

    I’m not sure how to respond to this one, it certainly looks like a headline rather than a new exploit, but it also looks like a collection of old hacks being assembled into a more easily usable data set.
    All the places I look at for real alerts aren’t screaming red, but it also sounds like really valuable exploits collected together - if I thought there was someone who might not be a sophisticated threat, like a ex-partner or angry enemy, I’d be changing passwords if I hadn’t done so before.
    Take this as a flag that you should probably tidy up any old passwords.

    • +2

      To be clear, it probably doesn’t matter if your LinkedIn or Netflix password gets hacked if it isn’t the same password you use for gmail - you can tidy up. But if it is your email password that lets someone reset all your other passwords, it is a big deal.

      • My identity got stolen quite a few years back. I had to go through a lot to get everything sorted back. Hence, do not underestimate anything, especially utility accounts like AGL or others.

        I, personally, do not bother about LinkedIn or other streaming services. I put very strong unique passwords for those since it is less likely for me to have need to reenter those. Even if someone hacks to my LinkedIn, what are they gonna do? Apply jobs for me. Thanks :)

        However, for others, I put 2fa as well as try to change anyway once a year.

      • +1

        The big problem is the govt allows companies to have offshore support, and there is no law or (decent) penalty for any company who is hacked, and delays the notification to users, or indeed doesn't notify at all. So it's likely that when the dozens of your benign logins are combined with parts of your real ID, your risk is massively amplified.
        We need all the holes in the legal crumpet plugged, and ensure any FTA we have with countries where hacks are centralised, carry equally potent penalties, and/or the ability for us to prosecute across borders. This shit is only going to get worse with more humans and more AI doing the hard graft while the crooks kick back and wait.

        EDIT:(ABC on the same story)
        https://www.abc.net.au/news/2025-06-21/google-apple-facebook…

  • -2

    I am not surprised. There was a 0-day a few weeks ago.

    Lots of people were caught unaware and the exploit was definitely being used in the wild. The only mention I received was that there was some accessibility tool that was analysing the content on my screen. If you didn't have Adobe Acrobat Pro installed, (the one that makes/edits the pdfs), you wouldn't even know you got infected.

    Sadly, I'm on the list.

    16 billion people sounds about right for that type of exploit.

    Also I love how some researchers are like, "That's old data", when they forget the average user probably doesn't even check haveibeenpwned and don't actually go change their passwords. That's a majority of people. It's like when there was the neopets breach, I didn't even bother changing that password for years and I just left it to see if someone would do something. Eventually someone transferred my pet to their account, it was a lot of fun since the new owner was happy, and I don't usually go on there anymore. Talked to them and they said it's because it was their daughter's name.

    Like a crypto OG, I was a neopets OG that joined in the first month because I found it on one of those ads you clicked on to get paid. I also joined crypto because it was advertised on another one of those "get paid to do stuff sites" back when I was younger. I was underaged at the time, but most people didn't care about that.

    The sad thing is I could probably randomly log into people's neopet's accounts after changing my ip address. Most people never changed those passwords because the site was mostly abandoned. The problem is was there reuse of those passwords, most likely and people would have forgotten about it.

    • Dude…

      Firstly, do you realise there are on average 225 zero day vulns per month

      16 billion people sounds about right for that type of exploit

      Secondly, please go look at how many people are in the world.

      Thirdly, although it is not new data, it’s still FUD. It’s already been out.

      The only benefit this “discovery” brings is the increased attention to ppl doing stupid things with their online accounts.

  • Plot twist, haveibeenpwned hasbeenpwned

    • Really? Or you jocking?

      • +1

        I'm rocking the "jockings".

        (Hint: Plot twist is usually followed by a imaginary scenario. But who really knows?)

  • okay idk probably just seeing these more because I'm looking for them but.

    the sign in with google popup in the top right corner which I always close on reddit, had a white border around it. just web transparency error? idk. first time I have ever seen this.

    also family member messages me today. from today, this morning. 2FA won't come to their messages (they use the phone no. method). it doesn't matter how many times they click send again it never comes. they couldn't pay for anything online with PP. very weird.

    if it's not arriving, where is it going? somewhere else to the same cloned number? a quick search revealed this error is common when you "switch to another carrier" which they have not done recently. suss.

    • Interesting you should say that. I've had a few dodgy events like that. Get your rellos to check the paypal acct regularly(just in case)

      • yeah will keep an eye on it. just the timing of it happening today. also first time this has happened to them.
        (it's been delayed by 5 mins in the past, but this time nothing comes through at all) weird af.

        • I've had about 6 events like that over a cpl of months, that I put down to poor mobile signal, but I thought they might have popped up a bit later. Not maybe 1 did? I guess the rest expired, or something more dodgy. But no idea why they never arrived in the window initially. Check whether your rellos have email accounts with offshore services or support. That's the weak point I reckon. Because PP and ebay send receipts, notifications etc through, and some of those faceless foreign workers have access at some point, to all our juicy goodies. And as you know ISPs never tell you who, where, when and what systems they have to secure all of that juicy opportunity. It should be illegal.
