Dark Web Jackpot: 16 Billion Usernames, Passwords Leaked

Experts warn that the newly discovered trove of credentials isn’t outdated—it’s fresh, organized, and built for exploitation.

BY PC Bureau

New Delhi, June 20, 2025 – Cybersecurity researchers from Cybernews have uncovered the largest data breach ever recorded, exposing over 16 billion usernames and passwords stolen by cybercriminals using sophisticated malware. The colossal dataset, discovered in unsecured online storage, includes login credentials from major platforms such as Google, Apple, Facebook, GitHub, Telegram, LinkedIn, Netflix, and Amazon, among others. Experts warn that the breach’s scale and recency make it a “blueprint for mass exploitation,” posing severe risks of identity theft, account takeovers, and targeted cyberattacks.

The Cybernews team identified 30 distinct datasets, ranging from millions to billions of records, with only one dataset—containing 184 million passwords—previously reported. The remaining 99% of the data is new, collected in 2024 through info-stealer malware like RedLine, Vidar, and Lumma. These malicious programs target social media accounts, corporate websites, VPNs, and developer platforms, extracting URLs, usernames, passwords, and, in some cases, security tokens and API keys. The datasets’ structured format amplifies their potential for automated attacks like credential stuffing, where stolen logins are tested across multiple services.

The breach was briefly accessible through misconfigured cloud storage, likely S3 buckets, allowing researchers to analyze the data but not trace its controllers. Cybersecurity experts describe the exposure as a “wake-up call,” with the data’s recency and organization heightening risks for both individuals and organizations. “This isn’t just a leak; it’s a goldmine for cybercriminals,” said Dr. Ankit Sharma, a cybersecurity analyst at Delhi-based SecureNet Solutions. “Without multi-factor authentication, millions of accounts are vulnerable to takeover.”

READ: Analysis: Record Spike in Swiss Bank Deposit Revives Talk of India’s Economic “Loot”

The breach’s implications are far-reaching. Individuals face risks of identity theft, financial fraud, and phishing attacks, while companies are exposed to ransomware, data breaches, and supply chain attacks, particularly through compromised GitHub accounts. A 2024 Verizon report notes that 68% of breaches involve stolen credentials, with ransomware incidents doubling since 2022. In India, where the average cost of a data breach reached ₹9.4 crore in 2023, per IBM, the fallout could be economically devastating.

Over 16 Billion credentials has been leaked 😮
Accumulated through various breaches into a single structured dataset.

Time to change passwords! pic.twitter.com/0jOS70b8I8

— Parampreet Singh (@Param3021) June 20, 2025

Posts on X reflect widespread alarm, with users urging immediate password changes and calling the breach “the mother of all data leaks.” Some speculate about the involvement of organized cybercrime syndicates operating on dark web marketplaces like Genesis Market. However, the inability to trace the data’s origin complicates law enforcement efforts, as cybercriminals often use anonymizing tools like Tor.

READ: Manipur: Police Say Crossfire Killed Village Chieftess, Kuki Groups Dub it “Murder”.

To mitigate risks, experts recommend immediate action. “Use strong, unique passwords, enable multi-factor authentication, and run regular antivirus scans,” advised Priya Menon, a cybersecurity consultant. Services like Google One’s Dark Web Report can help users check if their credentials are compromised. Companies are urged to implement MFA, audit developer accounts, and secure cloud storage to prevent similar exposures.

The Indian Cyber Crime Coordination Centre (I4C) has issued an advisory, urging citizens to update passwords and monitor accounts for suspicious activity. Authorities are collaborating with international counterparts to investigate the breach, though the scale and anonymity of the data pose significant challenges. As the digital world grapples with this unprecedented breach, experts stress that robust cybersecurity practices are no longer optional but essential.