16 billion current passwords leaked online, including access to Apple, Google, and Facebook
According to Forbes, researchers from Cybernews have recorded a unique leak — more than 16 billion current login and password pairs on sites including Apple, Google, Facebook, and other services.
This is the largest leak in history: 30 different databases, each containing tens of millions to 3.5 billion records. About 184 million accounts from previous leaks were already known, while the rest is new, “fresh” and vulnerable information.
The data is suitable for instant phishing attacks and account hacks — the login-password structures are ready to use. These are not old leaks, but new, fresh lists that are actively being sold on dark forums.
What experts advise:
• Change passwords for all important online accounts (Google, Apple, social networks, email, etc.).
• Enable two-factor authentication (2FA) — via SMS, code generator app, or hardware keys.
• Switch to passkeys — password-less logins protected by biometrics or PINs, recommended by Google and Meta.
• Use a password manager to generate long, unique combinations and store them securely.
• Do not click on links from unverified SMS messages, emails, or messengers to avoid phishing.
Even old passwords (even “12345678”) are still relevant — they are often used in such leaks. After leaks, many people do not change them in time: according to research, only ~33% of users update their password after an incident — and only 13% do so within 3 months.
