Imagine starting your day only to discover that every password you have ever used, from your Instagram to your bank account, is now floating around on the dark web. Sounds like a tech nightmare, right? But for millions, it might already be a chilling reality. Experts are calling it the biggest data breach in internet history. Over 16 billion login credentials have been leaked. And this isn’t outdated, recycled info. It’s fresh, organised and harvested using advanced infostealer malware.
How did this happen?
This wasn’t your typical cyberattack. No firewalls were smashed, no zero-day vulnerabilities cracked open. Instead, this breach was a slow burn, years in the making. The data was quietly harvested using infostealer malware, a stealthy type of malicious software that lurks on infected devices, silently siphoning off login credentials without raising alarms.
While a portion of the leaked data seems to originate from older, previously compromised password dumps, what sets this breach apart is the inclusion of fresh infostealer logs, Reuters reported. According to Cybernews, that’s what makes it especially dangerous, particularly for organisations that lack multi-factor authentication or fail to follow good credential hygiene. In other words, if you’re still reusing passwords or skipping extra security layers, you could be in serious trouble.
The dataset includes usernames, passwords, authentication tokens, session cookies and metadata linking the information to individual users and platforms.
India’s cybersecurity watchdog issues advisory
India’s cybersecurity agency, the Computer Emergency Response Team (CERT-In), issued an urgent advisory following the discovery of a massive data leak. The advisory, tagged CTAD-2025-0024 and dated June 23, warns users about the large-scale exposure of sensitive information gathered from major platforms such as Apple, Google, Facebook, Telegram, GitHub and multiple VPN services.
CERT-In has flagged several critical threats stemming from the breach. These include credential stuffing attacks, where stolen login details are used across services to gain unauthorised access; phishing and social engineering, aided by detailed metadata; account takeovers of personal and financial platforms; and more sophisticated cyberattacks such as ransomware and business email compromise.
The leak primarily originated from two sources – malware that steals credentials stored in browsers and files and publicly exposed databases left vulnerable due to misconfiguration. The watchdog emphasised the severity of the threat due to the vast number of affected accounts and the diverse platforms involved.
How to save yourself from such a breach?
To mitigate the risks, CERT-In advised all users to update passwords immediately, particularly on high-risk platforms like banking, social media, and government portals. Users should create strong, unique passwords using a combination of letters, numbers and symbols and avoid password reuse. The agency also recommended enabling multi-factor authentication for added security, remaining vigilant for phishing attempts and using trusted password managers to store and generate secure credentials.
