16 billion passwords leaked: what should I do?

[harlan4096]

First, don’t panic. Second, change your passwords. What else? Read this blogpost to protect your accounts.
 
You’ve probably already seen the headlines “The biggest leak in human history”. The whole world is in uproar after Cybernews journalists found the logins and passwords to 16 billion accounts in the public domain — two for each inhabitant of the planet! What is this leak, and what do you need to do right now?

What’s the leak, and are my credentials there?

The original study says that the Cybernews team has been working on the topic since the beginning of the year, and in six months they’ve managed to collect 30 unsecured datasets that add up to 16 billion exposed login credentials. The largest chunk of data — 3.5 billion records — is related to the world’s Portuguese-speaking population; another 455 million records are related to Russia, and 60 million are “most likely” related to Telegram.

The database is built on the following principle: URL, followed by login and password. That’s it, nothing else. At the same time, it’s said that the data of users of all the giant services was leaked: Apple, Google, Facebook, Telegram, GitHub, etc. Surprisingly, it was passwords and not hashes that ended up in the hands of the journalists. In our study How hackers can crack your password in an hour, we detailed exactly how companies store passwords (spoiler: almost always in closed form using hashing algorithms).

The story pays special attention to the freshness of the data: journalists claim that the 16 billion doesn’t include the biggest leaks, which we wrote about on the Kaspersky Daily blog. The important question remains behind the scenes: “Where did the 16 billion freshly leaked passwords come from, and why has no one seen them except Cybernews?”. Unfortunately, the journalists haven’t provided any evidence of existence of this database. Therefore, neither Kaspersky’s experts nor anyone else has managed to analyze it. Therefore, we cannot say whether yours – or anyone else’s – data is in there.

According to Cybernews, the accessing the entire database was possible through the use of stealers. This seems reasonable, since this is a threat that’s gaining momentum. According to our data, the number of detected password-theft attacks worldwide increased by 21% from 2023 to 2024. Attackers are targeting both private and corporate users.

Continue Reading...