16bn passwords exposed in record breaking security breach

[Retro]

This is a biggie, real biggie and it looks like this data was obtained by infostealer malware running on victims' computers rather than major services like Amazon or Apple being hacked. Might be a good idea to change the passwords for all your major accounts, including online banking.

“This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale,” researchers said.

The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data. Most of the datasets were temporarily accessible through unsecured Elasticsearch or object storage instances.

https://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/

"What's an infostealer? " you ask. Here's the definition:

Infostealer - Wikipedia

en.wikipedia.org