A staggering 16 billion passwords linked to Apple, Facebook, and Google have been leaked in what is said to be one of the largest data breaches in history
A staggering 16 billion passwords linked to Apple, Facebook, and Google users have been leaked, according to researchers.
The breach is one of the largest in history, affecting logins for Instagram, Microsoft, Netflix, PayPal, Roblox, Discord, Telegram, GitHub. Government services in more than 29 countries were also targeted in the attack, which experts say has given cybercriminals and hackers “unprecedented access to personal credentials”.
The intelligence was leaked in the format of a URL, with logins and passwords, and has allowed access to “pretty much any online service imaginable, from Apple, Facebook, and Google, to GitHub, Telegram, and various government service”, according to Cybernews.
The FBI has even warned Americans to not open suspicious links in SMS messages. Researchers at Cybernews have been investigating the leaks and discovered “30 exposed datasets containing from tens of millions to over 3.5 billion records each.”
“This is not just a leak – it’s a blueprint for mass exploitation,” the researchers said. “And they are right. These credentials are ground zero for phishing attacks and account takeover.
READ MORE: BREAKING: Data breaches LIVE: Google and Facebook users warned as 16 billion passwords leaked
“These aren’t just old breaches being recycled. This is fresh, weaponisable intelligence at scale.”
Below are some of the actions users should take to protect their data being taken by cybercriminals.
How will I know if my password was leaked?
Sadly, there’s no definitive way to find out if your password was leaked. Fortunately, the data was only available for a short amount of time, so investigators hope the information didn’t travel too far.
But, it is recommended to keep a close eye on your accounts and be aware of any unusual activity.
What should I do?
It is vitally important to change your passwords if you use Facebook, Google, or Apple. You should also activate Two-Factor Authentication, which gives another layer of security to logging in, by sending a secure code to your email or phone.
Why am I being sent SMS links?
The FBI has said smartphone users should not click on any SMS link messages sent to iPhone and Andriod users. These are often known as phishing, which is impersonating as a company or user to gain access to your information. Often, they are very sophisticated and seem incredibly real.
“Don’t click on anything in an unsolicited email or text message. Look up the company’s phone number on your own (don’t use the one a potential scammer is providing), and call the company to ask if the request is legitimate,” the FBI advised.
