Was there the biggest data leak in history? Experts warn

16 billion records — this figure has appeared in fresh reports on the possibly top data breach in history. The media around the planet has picked up the subject, pointing to a possible threat to millions of users of services specified as Google, Apple, Facebook or Telegram. However, experts reduce emotions: we are talking not about 1 large attack, but about the long-term effect of malware.

What was truly revealed? Not 1 attack, but a collection of thefts.

As indicated by the service CyberNews, based, among others, on analyses of available databases in the darknet, the published set of 16 billion records is not the consequence of a single leak. This. multi-year data mixthat have been stolen by alleged infostealers — malicious software that infects computers and extracts logins, passwords, cookies, session tokens and another confidential information from them.

The harvest content includes:

• logins and passwords (commonly unencrypted),
• access tokens to user sessions,
• cookies storing authentication data,
• and another browser data, specified as saved forms or bookmarks.

Experts from ♪ Dangerous. ♪ indicate clearly: no direct hack into Google or Apple systems. The data provided is an effect compile information from different computerswho have fallen victim to malicious software.

16 billion records — the scale is impressive, but that is not the full truth

Although the number of 16 billion can origin shock, experts point out that:

• many records repeat, containing the same user data stored at different times,
• some of the information may come from years ago and be out of date,
• But they might be among them. also active account data.

Such databases are of peculiar importance for cyber criminals utilizing credential stuffing — mass attempts to sign into online services based on stolen logins and passwords. Especially for people who do not change passwords and do not usage two-component authentication, the hazard of breaching an account increases.

Google warns users. How do you defend yourself?

Google has already started the process of informing userswhose data may have been among the revealed records. The company encourages:

• immediate change of passwords,
• inclusion of 2 component authentication (2FA),
• review of devices and sessionswho have access to the account,
• and to use password managerwhich detects duplicate and weak passwords.

Experts add that this is besides a good time for installation of antivirus software and conduct full strategy scanto make certain the device has not been infected with malware.

Why is this leak crucial — even if it is not “new”?

Although the revealed data is not the consequence of a one-time cyber attack, and a clump of many smaller past thefts, making them available in 1 place makes them potentially more dangerous. Criminals now have easier access to a vast amount of information that can be used:

• to phishing,
• to impersonate users on social media,
• to bargain identity,
• to log into bank accounts, online shops or email boxes.

Additionally, even if the data is partially obsolete, combined with fresh socio-technical techniques can be utilized for effective attacks.

Expert comment: what does this situation tell us?

According to analysts, the case of "16 billion records" shows that cybersecurity is not just the issue of large corporationsbut responsibility of all net user. It is not a spectacular attack that should disturb us today, but continuous, systematic data theft process, which has been going on for years — and its effects only now become apparent.

Such incidents remind of the necessity of:

• regular password change,
• not utilizing the same login data in different services,
• and informed usage of the Internet, including avoiding installation of unknown applications and clicking on suspicious links.

What's next? Time for digital hygiene

Although we're not dealing with a breakthrough cyber attack, The scale of the disclosed data should force users to act. Even if your data is not part of this peculiar database, it is worth asking yourself: are my accounts truly safe?

Best practices for present are:

• changing password to main services (e-mail, banking, social media),
• including 2FA where possible,
• use of different passwords in different services,
• And knowing that erstwhile stolen data can travel online for years.

SEO tags: data leak, cyber attack, network security, Google, credential stacking, infostealer, 2FA, privacy, cybersecurity, individual data, password, Facebook, Apple, Telegram