Massive Data Breach: 16 BILLION logins exposed – why we’re all at risk, always

There are troubling reports today of a data breach exposing over 16 Billion login credentials including Apple, Google, Meta and more. So is your data part of this and should you be worried?

Yes. Of course yes.

Reported by CyberNews this isn’t one big hack, in fact it should be made clear that Apple, Google, Facebook – none of these companies have been hacked. It’s more that a security researcher has discovered the treasure trove of data that cyber criminals have obtained through their own efforts. This includes from malware infections, credential stuffing and other leaks all repackaged into one big database.

Researchers say “This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale,”

While the data is not accessible now, in fact it was only briefly visible, it’s a window into the type and scale of data that cyber criminals have access to.

With this amount of data criminals can build a profile of just one individual by linking multiple sets of data to a single person or email address.

From this they can send more targeted scam emails, calls, even physical letters.

Most problematic for all average Australians is the use of your login details from one site, to access another one. This is called Credential Stuffing.

In this situation, if the data set contains the email address myrealname@myinternet.com and the password “You’llNeverGuessIn2025” – then they can firstly access whatever site that credential was for, but also attempt to access any other site or service on the internet using that same email and password. They do this because we’re all guilty of re-using passwords.

What can I do?

Three important steps you can take.

• Firstly, change your passwords. And change them regularly. A password should be multiple unrelated words strung together with the addition of characters and numbers.
• Secondly, Setup and use Two Factor Authentication wherever it is available. Either through SMS verification or Authentication codes using an App like Authy. Do this now.
• Finally, Install strong and credible Internet Security software on your computer, tablets and smartphones. Trend Micro offers this protection across your devices, we recommend it for everyone.