Apple, Facebook & Google users told to change passwords NOW as 16billion accounts affected by colossal data leak

APPLE, Facebook and Google users have been told to change their passwords amid a colossal data breach affecting 16billion logins.

It’s one of the largest data breaches in history, researchers say.

Logins for Instagram, Microsoft, Netflix, PayPal, Roblox, Discord, Telegram, GitHub and various government services in more than 29 countries, including the UK and US, have also been affected.

Researchers at CyberNews came across 16billion datasets with vague names like ‘logins’ or ‘credentials,’ making it hard for the team to decipher exactly what information they contained. 

But the records were most likely compiled by cyber crooks using infostealer malware – a form of malicious software created to breach computer systems to steal login details, financial information, and other personal info.

Though researchers noted that some data may also have been collected by so-called ‘white hat’ – or ethical – hackers, whose job is to spot flaws in systems with permission from the owner to improve security.

The data is recent, and has not been recycled from previous breaches, according to CyberNews.

A staggering number of individuals likely had at least some of their accounts compromised, which means they are more vulnerable to cyber attacks.

Cybercriminals now have “unprecedented access” to personal credentials and could exploit them for account takeovers, identity theft and targeted phishing attacks, the CyberNews report said.

“This is not just a leak – it’s a blueprint for mass exploitation,” researchers said in their report.

“With over 16billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.

“What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale.”


Within the widescale data breach, CyberNews noted that its researchers identified a database of 184million records that was previously uncovered by security researcher Jeremiah Fowler in May.

A sample of 10,000 stolen accounts showed 220 email addresses with .gov domains, linking them to dozens of countries such as the UK, US, Australia, Canada, China, India, Israel and Saudi Arabia, according to Fowler.

In total, Fowler discovered 47 gigabytes of data with sensitive information for accounts across various social media, gaming and streaming sites.

“The inclusion of both old and recent infostealer logs – often with tokens, cookies, and metadata – makes this data particularly dangerous for organizations lacking multi-factor authentication or credential hygiene practices,” the team said.

It is unclear who owns the leaked data.

While it could be security researchers that compile data to monitor leaks, CyberNews warned that it is “virtually guaranteed” that some of the logins were owned by cybercriminals.

According to CyberNews researcher Aras Nazarovas, web users should change their passwords and enable two-factor authentication (2FA) on all their accounts.

“Some of the exposed datasets included information such as cookies and session tokens, which makes the mitigation of such exposure more difficult,” he said.

“These cookies can often be used to bypass 2FA methods, and not all services reset these cookies after changing the account password.

“Best bet in this case is to change your passwords, enable 2FA, if it is not yet enabled, closely monitor your accounts, and contact customer support if suspicious activity is detected.”

How to spot a dodgy app

Detecting a malicious app before you hit the ‘Download’ button is easy when you know the signs.

Follow this eight-point checklist when you’re downloading an app you’re unsure about:

  1. Check the reviews – be wary of both complaints and uniformly positive reviews by fake accounts.
  2. Look out for grammar mistakes – legitimate app developers won’t have typos or errors in their app descriptions.
  3. Check the number of downloads – avoid apps with only several thousand downloads, as they could be fake.
  4. Research the developer – do they have a good reputation? Or are they totally fake?
  5. Check the release date – a recent release date paired with a high number of downloads is usually bad news.
  6. Review the permission agreement – this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
  7. Check the update frequency – an app that is updated too frequently is usually indicative of security vulnerabilities.
  8. Check the icon – look closely, and don’t be deceived by distorted, lower-quality versions of the icons from legitimate apps.

All of this information will be available in both Apple’s App Store and the Google Play Store.
