Massive Data Breach Exposes Over 16 Billion Login Credentials

In Summary

  • Google, Facebook parent Meta, or GitHub has not issued statements in this regard to date
  • Over 16 billion login credentials exposed in a massive breach
  • Data includes Google, Facebook, GitHub, Telegram accounts
  • Lack of multi-factor authentication increases user risk
  • Experts recommend passkeys and MFA for better security


Catenaa,  Friday, June20, 2025-A previously unreported data breach has exposed more than 16 billion login credentials from popular platforms including Google, Facebook, Telegram, and GitHub, marking one of the largest collections of stolen personal data ever discovered.

Investigators from Cybernews traced the data to a combination of info-stealer malware logs, credential stuffing databases, and prior leaks, warning the breach provides a “blueprint for mass exploitation.”

The exposed information gives cybercriminals unprecedented access for account takeovers, identity theft, and phishing attacks.

The datasets, containing entries ranging from tens of millions to billions, were briefly accessible via unsecured cloud storage before being removed. The responsible parties remain unknown.

Experts say the breach mainly threatens users who do not employ strong cybersecurity measures such as multi-factor authentication (MFA) or passkeys, which offer robust protection by requiring additional identity verification or cryptographic keys instead of passwords.

Users relying on MFA apps like Google Authenticator are less likely to be compromised.

The breach highlights ongoing cybersecurity challenges as attackers increasingly use sophisticated malware and tactics to gather sensitive data. It also follows recent high-profile crypto-related cyberattacks, including a $90 million theft from Iran’s largest crypto exchange by a pro-Israel hacking group.

Protected by Copyscape