A massive leak hits 16 billion login credentials, including passwords from platforms like Apple, Google, and Facebook.
The leakage poses significant risks for major users and those involved in cryptocurrency are set to observe severe impacts.
Reported by Cybernews on June 19, 2025, the breach involves 30 exposed datasets, each containing tens of millions to 3.5 billion records.
It was primarily from unsecured Elasticsearch or object-storage instances. Most of these datasets were previously unreported.
The report continued that it came with one exception being a “mysterious database” of 184 million records.
The leak heightens the threat of credential stuffing attacks, where hackers use automated tools to test stolen credentials across multiple platforms.
Given that over 80% of users reuse passwords, a single breach can compromise multiple accounts, including custodial crypto wallets or exchange platforms tied to email access.
READ ALSO: Trump Tower in Dubai to accept crypto payments.
Password-based seed-phrase backups stored in cloud services are particularly vulnerable, as attackers could potentially access private keys.
Crypto users are particularly at risk, as attackers could target custodial wallets or cloud-stored seed phrases.
The breach’s scale potentially two accounts per person globally underscores the urgency of these steps.
Experts warn this is a “blueprint for mass exploitation,” with credentials already circulating on the dark web.