A staggering 16 billion login credentials—including passwords—have been leaked online. This unprecedented breach impacts virtually every corner of the internet, from social media giants like Apple, Facebook, and Google to developer platforms, VPNs, and even government services.
The breach was uncovered by researchers at Cybernews, who have been tracking suspicious activity since the start of 2025. Their investigation revealed 30 supermassive datasets, each containing between tens of millions and 3.5 billion records. Most of these credentials had never been reported before; only a single database of 184 million records had previously surfaced, which now appears to have been just the tip of the iceberg.
According to Vilius Petkauskas from Cybernews, “This is not just a leak—it’s a blueprint for mass exploitation. These aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale”
The leaked credentials span a vast range of platforms:
Apple, Google, Facebook
GitHub, Telegram, and developer portals
VPN services and cloud storage
Corporate systems and government portals
With this volume and diversity of data, cybercriminals have “unprecedented access” to personal and corporate accounts, making identity theft, account takeover, phishing, and ransomware attacks not just possible, but likely.
Researchers believe the majority of these records were harvested using infostealer malware—malicious software designed to extract login information from infected devices. Some credentials may also have been exposed through misconfigured cloud environments, where sensitive data was left unprotected and easily accessible online.
What’s particularly alarming is the recency and structure of these datasets. Unlike many previous breaches that recycled old data, this leak contains fresh, highly organized information, ready for immediate exploitation by bad actors.
New datasets of stolen credentials are appearing online every few weeks, reflecting the widespread and persistent use of infostealer malware. The scale and frequency of these leaks suggest that the cybersecurity landscape is facing a crisis of unprecedented proportions.
