Cyber shock: 16 billion passwords leaked from Apple, Google, Facebook

One of the biggest digital threats of the past decade is currently unfolding: 16 billion (!) user IDs and credentials from major technology platforms—such as Apple, Google, Facebook, Telegram, GitHub, and even government agencies—have been leaked onto the dark web, according to a revelation by Cybernews, which is confirmed by the Forbes.

It is about primary data breach, rather than a rehash of older incidents, as the researchers point out. The scale of the leak and the number of government agencies involved are causing global alert.

30 databases – 3.5 billion records each

Experts identified 30 different databases, ranging in size from tens of millions to 3.5 billion records each. Twenty-nine of these had never been recorded before in leak lists, which confirms that this is new, active wiretaps.

Η Google is already urging its users to change their passwords, while the The FBI issued a warning to U.S. citizens Do not open suspicious SMS messages that contain links.

Government emails among the victims

Based on an analysis of a small sample of 10,000 accounts, the researchers identified at least 220 emails ending in .gov, spread across 29 countries, including the United States, Canada, the United Kingdom, China, India, Israel, and Saudi Arabia.

The data include Access URLs, usernames, and full passwords, which means they can be put to good use immediately for phishing attacks and account takeovers.

«It's not just a leak—it's an operational guide to cyberattacks,» Cybernews experts emphasize.

What caused the leak?;

Mass surveillance appears to be the result of “infostealer” tools” – malware that «steals» passwords from browsers, applications, and operating systems without the user being aware of its activity.

However, the exact number of victims It is impossible to calculate, due to the scope and distribution of the data.

Recommendations for the Public

Experts recommend:

• Immediate Password Change, especially for critical services such as email, social media, and bank accounts.
• Enable two-factor authentication (2FA).
• Avoid Sharing Passwords via email or by saving as plain text.
• Using Password Managers (e.g., Bitwarden, 1Password).
• Be careful with security alerts from the platforms themselves.

What should Greek users be aware of?;

In Greece, although the number of domestic accounts affected has not yet been disclosed, users of the gov.gr, Taxisnet, email.gov.gr, or even EFKA and DYPA they should demonstrate special attention.

The competent authorities They have not yet issued an official statement, but it is considered certain that there will be protests in our country as well in the coming days.

Is the threat of cyberwarfare a real one?;

Given that the leak includes thousands of email addresses belonging to governments and government agencies, analysts do not rule out the possibility that targeted cyberattacks on critical infrastructure or even exploiting the leak as part of a geopolitical confrontation.

This case, which has already been dubbed the «Chernobyl of the Codes», is expected to have very serious consequences, both in the global political arena and in users' daily lives.