Researchers at Cybernews have discovered 30 exposed datasets containing from several millions to over 3.5 billion records each. In total, the researchers uncovered an unimaginable 16 billion records.
Cybersecurity researchers have confirmed what is being described as the largest password leak in history, with more than 16 billion login credentials now circulating online. The leaked data includes access details from major platforms such as Apple, Google, Facebook, GitHub, and others.
According to experts, the leak is comprised of information from 30 separate datasets, most of which contain newly exposed data rather than previously recycled credentials. In addition to usernames and passwords, the trove includes associated emails, URLs, and complete login sequences—offering a detailed map for cybercriminals to exploit.
“This is fresh, weaponizable intelligence at scale,” researchers said, warning that the breach presents significant risks for mass phishing campaigns, account takeovers, and widespread digital identity theft.
The leaked data is reportedly already live and being actively shared across online platforms. Security analysts are urging individuals and organizations to take immediate action by changing passwords, enabling multi-factor authentication, and monitoring for suspicious activity.
Authorities and cybersecurity teams are currently investigating the source and full scope of the breach.