Cybersecurity researchers have uncovered what appears to be history’s largest credential breach, with 16 billion login details exposed across major technology platforms including Apple, Facebook and Google.

The discovery, confirmed by Cybernews researchers who began investigating at the year’s start, dwarfs a previous May leak of 184 million credentials. The massive breach reportedly involves multiple infostealers working to harvest login data.

“30 exposed datasets containing from tens of millions to over 3.5 billion records each,” have been discovered, according to Vilius Petkauskas at Cybernews. The compromised data spans social media platforms, VPNs, developer portals and government services.

New, Weaponized Intelligence Creates Mass Exploitation Risk

What makes this breach particularly alarming is its scope of new data. “These aren’t just old breaches being recycled,” researchers warned, “this is fresh, weaponizable intelligence at scale.”

The stolen credentials follow a structured format containing URLs paired with login details and passwords. Darren Guccione, CEO of Keeper Security, emphasized the breach serves as “just how easy it is for sensitive data to be unintentionally exposed online.”

Security experts urge immediate action. “Choose strong and unique passwords, and implement multi factor authentication wherever possible,” said Javvad Malik from KnowBe4.

Organizations should adopt zero-trust security models while individuals need password managers and dark web monitoring tools to detect compromised credentials. Experts recommend switching to passkeys where available and updating all account passwords immediately.

Read more at Forbes