16,000 million passwords leaked in a security breach never seen before
After 9,900 million passwords were leaked, we now face what could be the largest leak in history. It has exposed 16,000 million passwords from all kinds of online services, from Facebook, Google and Apple to business and government platforms. In fact, not long ago, Telefónica was the target of a similar attack.
The investigation, led by Cybernews in collaboration with the cybersecurity expert Bob Diachenko, confirms that most of this data comes from infostealer malware, designed to steal information from infected devices.
The finding includes 30 different databases, with records that vary from tens of millions to more than 3.5 billion in a single file. According to experts, many records are duplicated, so it is impossible to know exactly how many unique accounts have been compromised.
The most worrying thing is that this is not old data. The leaks include up-to-date information, in formats that allow immediate use by cybercriminals. According to Cybernews, these credentials feed attacks such as phishing, identity theft, account hijacking and corporate fraud. “The structure and recency of these databases demonstrate that we do not speak only of recycled information, but of recent and highly critical data,” say the researchers.
What services have been affected?
The exposure affects practically every service you can imagine. Although there has been no direct hack of giants such as Facebook, Google or Apple, the stolen credentials do include access to their login pages, compiled by infostealer malware.
The leak itself was accidental. The databases were briefly exposed on poorly configured Elasticsearch servers or in open cloud storage. According to the researcher Aras Nazarovas, the popularization of centralized databases indicates a change in the black market. Cybercriminals are now leaving behind channels like Telegram groups, opting for more structured methods.
Nazarovas also mentions: “Some of the exposed data sets included information such as cookies and session tokens, which hinders the mitigation of said exposure. These cookies can often be used to bypass 2FA methods, and not all services restore these cookies after changing the password of the account. The best bet in this case is to change your passwords, enable 2FA if it is not yet enabled, closely monitor your accounts and communicate with customer service if suspicious activity is detected.”
In any case, the report also mentions that there has not been a centralized breach at the main Internet companies, such as Apple, Google or Microsoft. Even so, the leaked data would allow access to these services, so it is urgent to take action.
Editor's comment
Have you noticed any suspicious activity in any of your accounts? Follow these steps to minimize damage:
- Change the password as soon as possible.
- If possible, change the username.
- Enable two-factor authentication.
- If you no longer have control of your account, contact the platform support team as soon as possible.
In my view, even if you have not noticed any suspicious activity, you would do well to change the passwords of fundamental services, such as Google, Apple or Meta.