Security researchers at Cybernews have uncovered a massive trove of stolen credentials—roughly 16 billion usernames and passwords—stored across 30 unsecured cloud databases. Each database contained between 16 million and 3.5 billion entries, including credentials tied to major platforms like Apple, Google, and Facebook.
Most of these datasets had never been publicly disclosed, giving cybercriminals fresh ammunition for large-scale credential-stuffing attacks. Investigators believe the breach stems from poorly configured Elasticsearch clusters and exposed cloud storage buckets, calling it “weaponizable intelligence at scale.”
“This is not just a leak – it’s a blueprint for mass exploitation. With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing,” researchers said.
For cryptocurrency holders, the danger is particularly acute. Reused passwords could allow attackers to access exchange accounts or linked wallet services—putting funds at risk of immediate theft.
Tech Giants, Governments Among Affected Platforms
The breach spans a staggering array of services—from global tech firms to messaging apps and even government websites. Cybernews investigators noted that platforms such as GitHub, Telegram, and various government-run portals were all represented in the stolen credentials.
In many cases, the compromised records included more than just login details. Tokens, cookies, and session metadata were also exposed, heightening the risk of advanced exploits—especially for users without robust authentication protections.
The original compiler of the data remains unknown, but researchers believe some of the archives may have been created by coordinated cybercriminal networks actively trading stolen data.
Crypto Wallets Face Heightened Attack Risk
The crypto industry is now on high alert. Experts warn that custodial wallets and exchange accounts are particularly vulnerable if linked to reused passwords or unsecured email addresses.
A major point of concern involves seed phrases stored via cloud backup services. If hackers gain control of associated email accounts, they may be able to recover wallet credentials and siphon assets before the victim is aware.
In response, some crypto platforms are expected to initiate password resets or roll out emergency verification protocols to contain potential fallout. The incident has also reignited calls for better password practices and stronger two-factor authentication across the industry.
Quick Facts
- Cybernews uncovered 16B leaked credentials in unsecured databases.
- Major platforms like Google, Apple, and GitHub are affected.
- Crypto wallets are at high risk from reused passwords.
- Experts urge password updates and 2FA immediately.
