The most significant of the identified datasets included over 3.5 billion records.
More than 16 billion new login records potentially obtained from various information-stealing malware have been exposed across 30 unsecured datasets.
According to Cybernews, the most significant of the identified datasets included over 3.5 billion records likely gathered from a Portuguese-speaking population.
The Cybernews research team noted that a leaked dataset had 550 million records on average.
Also discovered were datasets suggesting Russian origins and an association with Telegram that had over 455 million and more than 60 million records, respectively.
While all of the datasets were exposed for only a short amount of time, researchers expressed alarm over the inclusion of credentials that were not exposed in previous breaches."This is fresh, weaponisable intelligence at scale," said researchers, who added that the presence of old and new infostealer logs in the exposed datasets presents significant risks for organisations without multi-factor authentication or have not implemented other credential hygiene measures.
Brian Soby, co-founder at CTO at AppOmni, said: “A 16-billion-record data leak is hardly a surprise. For too long, we’ve relied on outdated security measures, and this is the predictable result. The sheer scale of this breach, with data from virtually every major online platform, from Apple and Google to government services, isn't the whole story. The real threat is the weaponisation of this data against the SaaS applications that form the backbone of our economy.
“This isn’t just a collection of old, previously leaked passwords; it appears to be a new, massive, and highly organized library of credentials. This gives cyber-criminals a roadmap for widespread account takeovers that could bypass traditional security measures with ease. Every login to a SaaS platform and every cloud service accessed is now a potential entry point for attackers.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
