Thiruvananthapuram – Cybersecurity experts are calling the largest data breach in internet history, over 16 billion login credentials, including passwords for major platforms like Google, Facebook, Telegram, email services, and even government portals, have reportedly been leaked.
According to a Forbes report, cybersecurity researchers have been investigating massive data leaks since early 2025. Their research uncovered 30 major datasets, each containing between 1 million to 3.5 million records, collectively amounting to an estimated 16 billion compromised records.
The breach came to light after an unknown web server was found hosting a massive database of 1.84 billion records. The leaked data includes usernames, passwords, and login credentials for popular platforms such as Apple, Google, GitHub, and several government services.
Researchers believe that multiple infostealers—malicious tools designed to collect sensitive data—are behind this breach. These stolen credentials can be misused for phishing, hacking accounts, business email compromise, and other cybercrimes.
“This is not just a leak, it’s a blueprint for large-scale exploitation,” said cybersecurity experts, warning that many of the compromised credentials might still be stored in cloud environments, making them accessible to cybercriminals.
Darren Guccione, co-founder and CEO of Keeper Security, emphasized the seriousness of the breach: “This is just the tip of the iceberg. Most of the leaked passwords are for widely used services, which reveals the potentially massive fallout.”
Experts urge companies and individuals to invest in password management tools and dark web monitoring systems to detect if their credentials have been exposed. Such tools can also alert users in case their login details are found in compromised datasets.
This breach, spanning across platforms and countries, raises urgent questions about digital privacy and security, as billions now face potential risks of identity theft, unauthorized access, and cyberattacks.
