Cybersecurity experts have uncovered what may be one of the largest data breaches ever recorded — a massive collection of 30 databases holding a staggering 16 billion records. According to a new report from Cybernews, the data appears to have been amassed by a range of infostealing malware, likely deployed by cybercriminals and possibly even ethical hackers or security researchers. The exposed information contains login credentials for numerous services, spanning email and social media platforms such as Google, Facebook, and Telegram, as well as developer profiles on GitHub and access to certain government websites.
Cybernews reports that researchers have identified 30 distinct exposed datasets, each holding tens of millions—and in some instances, billions—of records. These aren’t outdated or irrelevant data fragments. Investigators note that the information is current, systematically arranged, and most likely harvested through infostealer malware, which silently extracts login credentials from compromised systems.
“This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale,” researchers said.
According to reports, passwords available on the dark web are so easily accessible that even individuals with minimal technical skills and a modest budget can obtain them. This widespread availability puts virtually everyone at risk — from regular internet users to businesses and government organizations.
Incidents like these data breaches are part of the reason Google has been urging users to enhance the security of their Gmail accounts by moving away from outdated login methods such as traditional passwords and two-factor authentication (2FA). The company is encouraging users to switch to passkeys and social login options to offer more secure and streamlined access to their accounts.
