A record-breaking data breach unveiled 16 billion login credentials, sourced from various infostealers, not recycled from previous breaches. These records encompass data from approximately 30 databases, causing concerns over potential identity theft and account takeovers. Essential information includes URL, login details, and passwords, with risks affecting services like Apple, Facebook, and Google. Researchers warn that the dangerous nature of this breach, attributed to old and new infostealer logs, signals a possible shift in cybercriminal tactics from forums to centralized databases for stolen data acquisition.
This is fresh, weaponizable intelligence at scale.
The inclusion of both old and recent infostealer logs - often with tokens, cookies, and metadata - makes this data particularly dangerous for organizations lacking multi-factor authentication or credential hygiene practices.
The increased number of exposed infostealer datasets...may be a sign, that cybercriminals are actively shifting from previously popular alternatives such as Telegram groups.
The potential overlap makes it currently impossible to determine how many individuals may be affected.
Collection
[
|
...
]