A humongous cache of approximately 16 billion login credentials that recently surfaced online has sparked widespread concern across the cybersecurity community.
The leaked data reportedly contains usernames and passwords from tech giants including Apple, Google, Facebook, Telegram, GitHub, and various VPN services. The sheer volume of compromised credentials initially suggested that hackers had successfully penetrated the databases of these companies simultaneously, which would have represented one of the most significant security breaches in internet history. However, following extensive investigation by cybersecurity experts, the true nature of this leak, or set of leaks, has been revealed.
Group-IB’s Threat Intelligence team conducted a comprehensive analysis of the leaked data, examining samples against their archive of 17 billion records spanning from 2020 to 2025. Their findings show that this is not a new breach at all, but rather an aggregation of old, previously leaked credential databases.
Every single decipherable login-password pair in their analysis traced back to public stealer-log leaks that occurred between 2021 and 2023. No credential in the sample was first recorded in 2025, with the newest verified compromise dating back to April 2024. The investigation revealed that the folder names and directory structures matched well-known Telegram dumps and public combination lists that have been circulating for years.
Recognizing the potential threat this leak poses to Indian internet users, the country’s cybersecurity agency, CERT-In, has issued an official advisory warning citizens about the risks.
Tagged as CTAD-2025-0024 and dated June 23, 2025, the advisory emphasizes that while this may be old data, it still represents a significant security threat to millions of users across the country.
CERT-In has identified four major risks that could emerge from this credential exposure. First is credential stuffing, where cybercriminals systematically try stolen usernames and passwords across multiple online services, banking on the fact that many people reuse the same login credentials across different platforms. Second, the metadata associated with these credentials provides valuable information that can be used for highly targeted phishing and social engineering attacks. Third, successful credential matches could lead to complete account takeovers, giving attackers access to personal information, financial accounts, and organizational systems. Finally, these compromised credentials could serve as entry points for larger-scale attacks, including ransomware deployment and business email compromise schemes that can devastate both individuals and organizations.
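To make the first and third risks concrete from the defender's side, the following added example (not part of the CERT-In advisory or the original article) flags sources whose login failures are spread across many accounts and lists accounts that logged in successfully from such a source. The event tuple format, function names and thresholds are assumptions chosen for illustration, and the events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def _ts(sec):
    return datetime(2025, 6, 23, 10, 0, 0) + timedelta(seconds=sec)

# Constructed sample events: (timestamp, source IP, username, login succeeded)
SAMPLE = (
    # one try each against 12 accounts, one hit: the stuffing pattern
    [(_ts(i * 5), "203.0.113.7", f"user{i}", i == 9) for i in range(12)]
    # 12 tries against a single account: password guessing, not stuffing
    + [(_ts(i * 5), "198.51.100.4", "admin", False) for i in range(12)]
    # an ordinary user who mistypes once, then logs in
    + [(_ts(0), "192.0.2.10", "alice", False), (_ts(20), "192.0.2.10", "alice", True)]
)

def classify_sources(events, window=timedelta(minutes=5), min_events=10, min_fail_ratio=0.8):
    """Label each source IP; thresholds are illustrative assumptions to tune."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in sorted(events):
        by_ip[ip].append((ts, user, ok))
    verdicts = {}
    for ip, evs in by_ip.items():
        verdict, start = "normal", 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide window forward
                start += 1
            win = evs[start:end + 1]
            fails = sum(1 for _, _, ok in win if not ok)
            if len(win) < min_events or fails / len(win) < min_fail_ratio:
                continue
            users = {user for _, user, _ in win}
            if len(users) >= min_events:  # many accounts, about one try each
                verdict = "credential_stuffing"
                break
            if len(users) == 1:  # one account, many tries
                verdict = "password_guessing"
        verdicts[ip] = verdict
    return verdicts

def accounts_to_reset(events, flagged_ips):
    """Accounts with a successful login from a flagged source: likely taken over."""
    return sorted({user for _, ip, user, ok in events if ok and ip in flagged_ips})

if __name__ == "__main__":
    verdicts = classify_sources(SAMPLE)
    stuffing = {ip for ip, v in verdicts.items() if v == "credential_stuffing"}
    print(verdicts, accounts_to_reset(SAMPLE, stuffing))
```

Keying on source IP alone is a simplification; the same windowed counting can be keyed on other request attributes when attempts are spread across many addresses.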
In response to this threat, CERT-In has issued comprehensive recommendations for Indian internet users to protect themselves. The agency strongly advises all users to immediately update their passwords, particularly on sensitive platforms such as banking websites, social media accounts, and government portals. It also emphasizes the importance of creating strong, unique passwords that combine letters, numbers, and symbols, while avoiding the dangerous practice of reusing the same password across multiple services.
CERT-In also recommends enabling multi-factor authentication wherever possible, using authentication apps, hardware tokens, or SMS-based verification systems to add an extra layer of security beyond just passwords. Users are advised to remain vigilant against phishing attempts, especially those disguised as password reset links or urgent security notifications that might trick them into revealing their new credentials.
Additionally, the agency suggests using password managers to generate and securely store unique credentials for each online service, as this eliminates the human tendency to create weak or repetitive passwords while making it easier to maintain good security hygiene across all digital accounts.
Source: Mashable News Staff, Mashable India.