Tech giants like Google and Apple found themselves victims to one of the biggest data breaches of all time. According to researchers at Cybernews, one of the largest data breaches in history has leaked around 16 billion passwords across some of the biggest tech platforms in the world,
The data watchdog found more than 30 datasets, each containing billions of logins to social media, VPNs, and user accounts for Big Tech companies such as Apple and Google, had been left exposed by infostealers.
Cybernews researchers have been monitoring the exposed datasets since the beginning of 2025. One of them, Vilius Petkauskas, told Forbes that the team has discovered “30 exposed datasets containing from tens of millions to over 3.5 billion records each.”
READ: ‘Crypto president’ Trump signs yet another executive order to promote digital coin (January 24, 2025)
“This is not just a leak—it’s a blueprint for mass exploitation. These aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale.”
Bob Diachenko, a Cybernews contributor, cybersecurity researcher, and owner of SecurityDiscovery.com, said, “There was no centralized data breach at any of these companies,” when asked to clarify whether any of the datasets actually came from Facebook, Google, or Apple.
Diachenko also said that credentials they’ve seen in infostealer logs contained login URLs to Apple, Facebook, and Google login pages.
How can one protect against such data breaches?
In today’s digital world, massive data breaches are becoming alarmingly common, with billions of login credentials exposed in a single incident. These breaches put your personal, financial, and professional information at serious risk. To protect oneself, it’s essential to take proactive steps that strengthen your online security before attackers can take advantage.
1. Use Strong, Unique Passwords for Every Account
Reusing passwords across accounts is one of the biggest risks. If one site is breached, attackers can use that same login for your other accounts—a method called “credential stuffing.” Always use long, complex passwords with a mix of letters, numbers, and symbols. Avoid personal info like birthdays or pet names.
2. Adopt a Password Manager
Managing dozens of strong, unique passwords is tough without help. A password manager like Bitwarden, 1Password, or Dashlane stores and encrypts your credentials, automatically filling them in when needed. This not only improves security but also saves time.
3. Enable Two-Factor Authentication (2FA)
2FA adds an extra layer of protection even if your password is stolen. Choose app-based authentication (e.g., Google Authenticator or Authy) or a physical security key like YubiKey over SMS, which can be intercepted or SIM-swapped.
4. Use Passkeys When Available
Passkeys are the next generation of login security—biometric- or device-based and phishing-resistant. They are now supported by Google, Apple, and many major services. Unlike passwords, passkeys can’t be leaked or reused.
5. Monitor Your Accounts for Breach Activity
Regularly check if your credentials have been compromised using tools like “Have I Been Pwned” or browser-integrated features (e.g., Chrome or Firefox breach alerts). Many password managers also notify you of exposed logins.
6. Avoid Public Wi-Fi and Use Antivirus Software
Public networks can be vulnerable to attacks. If you must use one, connect through a VPN. Also, install trusted antivirus or anti-malware tools to detect infostealers that may be secretly logging your keystrokes.
7. Be Vigilant Against Phishing
Don’t click suspicious links or download unknown attachments, especially if the email or message urges urgent action. Phishing remains one of the most effective methods hackers use to exploit breached data.
By combining these steps, you drastically reduce your exposure—even when massive breaches occur beyond your control.