
Massive 16 Billion Credential Leak Exposes Global Risk

Security researchers have uncovered an enormous password cache comprising 16 billion unique login credentials spanning major platforms such as Apple, Facebook, Google, Telegram, GitHub, VPN services and even government portals—making it the largest credential leak known to date. These credentials were harvested via at least 30 substantial datasets, some containing up to 3.5 billion records, indicating multiple infostealer malware operations running at large scale during 2025.

Researchers found that the leaked datasets were transiently exposed in unsecured Elasticsearch and object‑storage instances, allowing brief public access before being shut down. Structures within the datasets included URLs, usernames and passwords, often accompanied by metadata such as tokens or cookies—making them ripe for phishing, credential stuffing and account hijacking.

Analysts emphasise that the data is not a collection of old, recycled breaches: most records appear freshly harvested, enabling cybercriminals to exploit current and valid credentials in automated attacks. As one expert warned: “This is not just a leak – it’s a blueprint for mass exploitation… fresh, weaponizable intelligence at scale”.


Infostealer malware—distributed through phishing links, fake software and compromised websites—has evolved into a pervasive threat under the malware‑as‑a‑service model. Such malware silently extracts browser‑stored credentials, cookies and session tokens before packaging and selling dumps on underground markets.

The consequences are widespread. Cybercriminals can initiate credential stuffing across hundreds of services; craft highly convincing phishing emails; and mount identity theft, ransomware and business‑email‑compromise attacks. Records tied to Apple, Google and Facebook enhance the ease and effectiveness of targeted campaigns.

It remains unclear how many unique users are affected, as overlapping credentials are present across the datasets. With over 5.5 billion internet users worldwide, many may have multiple accounts compromised.

Security experts recommend immediate action. Users should deploy password managers to generate and store unique, complex passwords; enable multi‑factor authentication where available; and transition to passkey-based login systems, especially those offered by Apple, Google and Microsoft. Regular system scans for infostealer malware and the avoidance of downloading cracked or unauthorised software are also advised.

Organisations are under pressure to strengthen internal cybersecurity measures, including enforcing MFA, conducting regular training on phishing awareness and credential hygiene, and adopting zero‑trust frameworks. Endpoint protection and proactive threat monitoring have become essential amid this evolving threat landscape.
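For a security team handed records of the shape described above (URL, username, password, sometimes with cookies or tokens), the following added example, which is not from the article or the researchers, sorts each record into a response action. The JSON field names, the organisation's domains and the sample records are all constructed assumptions.

```python
import json
from urllib.parse import urlsplit

# Assumption: the organisation's mail domains and login hosts (hypothetical).
ORG_EMAIL_DOMAINS = {"example.com"}
ORG_LOGIN_HOSTS = {"sso.example.com", "vpn.example.com"}

# Constructed sample records; field names are assumed, not taken from the leak.
SAMPLE = """\
{"url": "https://sso.example.com/login", "username": "alice@example.com", "password": "Summer2025!", "cookies": ["sid=abc"]}
{"url": "https://social.invalid/login", "username": "bob@example.com", "password": "hunter2"}
{"url": "https://shop.invalid/", "username": "carol@other.invalid", "password": "x"}
{"url": "https://vpn.example.com/", "username": "dave", "password": "pw", "token": "t0k"}
not-json garbage line
"""

def triage(lines):
    """Return one finding per record that touches the organisation."""
    findings = []
    for line in lines.splitlines():
        try:
            rec = json.loads(line)
            host = (urlsplit(str(rec["url"])).hostname or "").lower()
            user = str(rec["username"]).strip().lower()
        except (ValueError, KeyError, TypeError):
            continue  # dumps are messy: skip rows that do not parse
        org_host = host in ORG_LOGIN_HOSTS
        org_user = "@" in user and user.rsplit("@", 1)[1] in ORG_EMAIL_DOMAINS
        if not (org_host or org_user):
            continue
        actions = []
        if org_host:
            # A credential for one of our own login pages was captured.
            actions.append("reset_password")
            if rec.get("cookies") or rec.get("token"):
                # Stolen session material keeps working after a password
                # change and is not stopped by MFA, so sessions must end too.
                actions.append("revoke_sessions")
        else:
            # Work address used on a third-party site: the risk is reuse.
            actions.append("check_password_reuse")
        # The plaintext password is deliberately not carried into the finding.
        findings.append({"user": user, "host": host, "actions": actions})
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
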

