16 billion current passwords leaked online, including access to Apple, Google, and Facebook
According to Forbes, researchers from Cybernews have recorded a unique leak — more than 16 billion current login and password pairs on sites including Apple, Google, Facebook, and other services.
This is the largest leak in history: 30 different databases, each containing tens of millions to 3.5 billion records. About 184 million accounts from previous leaks were already known, while the rest is new, “fresh” and vulnerable information.
The data is suitable for instant phishing attacks and account hacks — the login-password structures are ready to use. These are not old leaks, but new, fresh lists that are actively being sold on dark forums.
What experts advise:
• Change passwords for all important online accounts (Google, Apple, social networks, email, etc.).
• Enable two-factor authentication (2FA) — via SMS, code generator app, or hardware keys.
• Switch to passkeys — password-less logins protected by biometrics or PINs, recommended by Google and Meta.
• Use a password manager to generate long, unique combinations and store them securely.
• Do not click on links from unverified SMS messages, emails, or messengers to avoid phishing.
Even old passwords (even “12345678”) are still relevant — they are often used in such leaks. After leaks, many people do not change them in time: according to research, only ~33% of users update their password after an incident — and only 13% do so within 3 months.
Recorded Future, the world’s largest private intelligence and analytical company, will continue to support Ukraine in 2024 by allocating more than $23 million for Ukraine’s cybersecurity, Deputy Prime Minister for Innovation, Education, Science and Technology Development and Minister of Digital Transformation Mykhailo Fedorov said on Monday.
“Recorded Future tools help detect and eliminate cyberattacks at an early stage. These tools are used by the Ministry of Digital Transformation, the State Special Communications Service, the GUR, the SBU, the Ministry of Defense, the Prosecutor General’s Office and the Cyber Police,” Fedorov wrote on his Telegram channel.
According to him, the company also works with key enterprises in the energy and telecom sectors.
As reported, Recorded Future provided intelligence to protect Ukraine’s critical infrastructure, assisted in the investigation of Russian war crimes, and opened access to the Intelligence Cloud software platform.
In total, in 2023, the company invested more than $20 million in assistance to Ukraine.
As part of the Ukrainian-African renaissance, Ukraine seeks to develop relations of mutual respect and benefit with African countries, in particular offering a number of beneficial areas of cooperation for Nigeria’s new leadership, Ukrainian Foreign Minister Dmitry Kuleba said in an interview with the Nigerian edition of The Guardian Nigeria.
“In May, I became the first Ukrainian foreign minister to attend the presidential inauguration ceremony in an African country. It was Nigeria. This fact shows Ukraine’s commitment to developing relations with Nigeria’s new leadership. This way we show other African countries that Ukraine seeks to develop partnership based on mutual respect and shared benefits,” he said, according to the press service of the Ukrainian Foreign Ministry.
According to Kuleba, Ukraine has made steps towards each other in the spirit of mutual respect and now counts on reciprocal steps of the new leadership of Nigeria to develop mutually beneficial relations.
“We propose to increase the volume of trade and consider the possibility of attracting Ukrainian construction companies to projects in Nigeria. Ukraine also has a lot of experience in digitalization. Our “State on Smartphone” program allows citizens to do almost everything online, receive public services. We are ready to share this experience with you. Another promising area of cooperation is cybersecurity. Nigeria is one of the countries that suffer from the highest number of cyber attacks. We know how to counter them effectively,” he said.
Kuleba also stressed that the Peace Formula proposed by Ukrainian President Vladimir Zelensky is the only real way to restore a just and sustainable peace in Ukraine.
“Imagine if Nigeria, God forbid, experienced aggression – would you agree to give up part of your territory, allow someone to occupy it and torture your people? You wouldn’t agree to that. Being at the inauguration of your president, I saw your army. I am convinced that your warriors would have fought resolutely for your land. That is what we are doing today. We did not start this war. The hostilities are taking place on our territory, but we know what we are fighting for: the freedom and security of our citizens. And that motivates us to fight against the invaders,” the minister said.
Kyivstar and lifecell have launched new security solutions for their customers: “Kyivstar, in cooperation with Fortinet, a network security company specializing in devices, announced new cyber security solutions, while lifecell announced access to the DefensX browser with enhanced cybersecurity and credential protection to protect Internet users from online threats.
According to Kyivstar’s release, Fortinet solutions will be available in different versions: from physical hardware to specialized virtual machines. In particular, they will be available on a subscription basis.
It is also claimed that customized services to counter cyber threats can be offered, taking into account the needs of companies, with support at all stages of implementation and use.
“The peculiarity of the DefensX browser is that all web pages accessed by the user are opened in the cloud, i.e. remotely from the device traffic and the user’s endpoint, which ensures reliable blocking of malicious code fragments and potential threats,” lifecell explained the essence of its offer.
The company added that the browser’s features also include the ability to block ads and phishing warnings.
DefensX was developed by lifecell’s partner Secure Industries, Inc. The product was available as part of a comprehensive corporate solution for the partner’s B2B customers.
As reported, during the year of full-scale war, Kyivstar’s cybersecurity department successfully blocked more than 450 DDoS attacks on the network and more than 13 thousand phishing attacks.
Earlier, in 2021, Kyivstar business customers already have access to the AntiDDoS service to protect against DDoS attacks (a solution based on FortiDDoS from Fortinet).
The number of cyber incidents at the beginning of 2022 grew seven times compared to the same period last year, the CERT-UA government cybersecurity team said in a statement.
According to the data published on the CERT-UA website, since the beginning of 2022, 5,970 cyber incidents have been recorded and processed, of which 5,534 have been processed automatically.
Automatic processing includes informing providers about infected hosts of their clients and blocking phishing pages hosted in Ukraine.
Since the beginning of the year, 613 cyber incidents were classified as malware, and another 4,921 cases were phishing.
By sectors worked out by the CERT-UA team since the beginning of the year, 252 out of 436 incidents were registered in the UAGOV zone, 78 in the UACOM zone, and 62 in the FCOM zone.
According to the targets of the attack, 94 cyber incidents related to the sector of government bodies and local authorities, 68 to the security and defense sector, 25 to the financial sector. Telecom providers, commercial organizations, energy and transport sectors were also attacked.
At the same time, 170 cyber incidents were classified as low, 81 as medium, 72 as high, and 113 as critical.
The Foreign Ministry of Ukraine is in contact with international partners on countering cyberattacks and strengthening the cybersecurity system, measures are being taken to protect the websites of the Foreign Ministry and consulates abroad, Ukrainian Foreign Ministry Spokesman Oleh Nikolenko said.
On behalf of Foreign Minister Dmytro Kuleba, the Ukrainian diplomatic service has begun additional contacts with international partners to strengthen Ukraine’s ability to counter cyberattacks and develop cyber defense systems.
“A team of specialists from the Foreign Ministry, in cooperation with other involved departments, has already resumed the operation of the website of the Foreign Ministry of Ukraine: mfa.gov.ua,” Nikolenko wrote on his Facebook page.
He noted that as a result of the hacker attack, the content of the website was not damaged, no official information was leaked, and the internal IT systems of the Foreign Ministry are operating as normal.
“We are taking practical measures to strengthen the cyber defense of the Foreign Ministry and Ukrainian embassies and consulates abroad,” Nikolenko added.
