“A large -scale operating plan”: 16 billion identifiers exposed – a dark record for our data
Symbolic illustration of an infostealer data flight: these malware recovers locally stored identifiers (passwords, cookies, session tokens) before transmitting them to a remote server, such as those used to compile the 16 billion entries exposed in June 2025. © Shutershock
In June 2025, cybersecurity researchers from Cyberness have lifted the veil on an extraordinary compilation: 16 billion identifier/passwords combinations, exfiltrated not from Google, Facebook or Apple servers … but directly from your computers.
16 billion stolen passwords: a massive leak fueled by malware, not by piracy of GAFAM
The case is not a Hollywood hack targeting a tech giant. Here, the reality is more perverse: malware called infostealers have silently infiltrated the browsers, sucked the passwords stored locally, cookies, sessions … before sending everything to servers ordered by cybercriminals. The latter then compiled everything in 30 separate databases, briefly accessible on poorly protected public cloud services.
In total, this represents 16 billion admissions. A part are duplicates, but the majority remain usable. Above all, a lot of data is fresh. Where old leaks have been circulating for years, this new wave has been feeding the most aggressive hacking campaigns in real time: usurpation of accounts, surgical phishing, targeted control in business.
It is not just a leak – it is a large -scale operating plan. With more than 16 billion connection combinations exposed, cybercriminals have unprecedented access to personal identifiers, usable for account control, identity theft and ultra-target phishing.
The typical file? A line, three columns: URL, identifier, password. And often everything is still valid. Your Google accounts, your Telegram access, your GitHub or Apple ID identifiers … If they have been stolen on your machine, they may be there. And usable now.
Cyberness warns: this is not an isolated event. It is an arsenal. A game of digital keys circulating freely. And the best way to protect yourself is the most basic: change your passwords, never reuse them, activate the double authentication (2FA), and install a serious anti-malware.
So no need to close all your accounts or panic: Web giants have not been hacked. The danger comes from infected devices and the reuse of passwords. Here is what to do, very concretely, according to the verified recommendations of Cyberness – Without unnecessary stress or media shortcuts:
- Change the passwords of your sensitive accounts (email, bank, social networks, etc.), especially if you have reused them.
- Activate double authentication (2FA) wherever possible (and why not via an app like Authy or a physical key (FIDO2).
- Use a password manager to create unique and complex identifiers at each service.
- Scan your device with a reliable anti-Malware, to detect or eliminate any always active infostealers.
- Check if your identifiers have leaked, for example on haveibeenpwned.com (but attention : This base has not yet integrated recent flight).
Want to save even more? Discover Our promo codes Selected for you.
