Apple, Google, Facebook Users Pay Attention! 16 Billion Passwords At Risk After Data Leak

Nearly 16 billion login credentials were leaked from approximately 16 billion login credentials gathered from a range of platforms, including Apple, Google, Facebook, Telegram, GitHub, and various VPN services, according to India's cybersecurity watchdog, CERT-In. To bring awareness among people about the large-scale credential exposure, CERT-In, recently issued an advisory.

The information in the leaked data was compiled from 30 different sources, as reported by Moneycontrol. Most of the information was acquired through infostealer malware and improperly configured public databases like unsecured Elasticsearch instances.

The dataset includes username-password pairs, authentication tokens, session cookies, and metadata linking credentials to specific users or platforms.

What Are The Threats to Data Leak?

The potential of data leaks may lead to widespread threats like access to accounts, phishing attacks, misuse of stolen data to deceive users, etc. Identity theft is another risk, as personal information could also be misused. Account takeovers are also possible if criminals gain control over user accounts.

Credential stuffing is one of the key threats highlighted by CERT-In. Cybercriminals can exploit stolen usernames and passwords by attempting them across multiple services. This method can lead to unauthorized access if users have reused passwords across different accounts.

How Can Users Stay Safe From Online Data Leak?

Changing passwords regularly, avoiding reusing data from across sites, and enabling two-factor authentication are some of the few measures that users can take to prevent online data leaks. Users can enable two-factor authentication adds an extra layer of security. Additionally, they should be cautious of phishing attempts and verify any suspicious communications before responding.

Monitoring account activity for any unusual behaviour is crucial. If users notice anything suspicious, they should report it immediately to the respective service provider. Keeping software updated can also help in safeguarding against vulnerabilities that hackers might exploit.

The scale of this breach makes it particularly dangerous for individuals and organisations alike. By taking proactive measures and staying informed about potential threats, users can better protect their online identities and sensitive information from cybercriminals.
Data breaches can have highly adverse impacts, affecting individuals, businesses, and even government institutions. Sensitive information exposure can further lead to significant complications and give hackers access to lot of unverified data through various means likethe internet or Bluetooth. Even a minor vulnerability can result in massive data breach if not addressed properly.

Hence, it is important to understand different ways to stay safe and avoid practices that may lead to such data leak.

What is A Data Breach?

A data breach occurs when confidential information reaches in hand of unauthorised individuals who intends to misuse the data for personal gain. Many times, weakness in technology and user behaviour also lead to breaches. People are more prone to such data breaches and leak because of lack of information of the evolving technology and new vulnerabilities.

Data breaches aren't always due to external hackers; sometimes, internal oversights or infrastructure flaws are responsible. An accidental insider might access files without proper authorization, while a malicious insider intentionally causes harm using legitimate access. Lost or stolen devices containing sensitive data also pose risks.