Data breach compilation lists 16 billion compromised passwords
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Sarah Grillo/Axios
More than 16 billion login credentials for Google, Facebook, Apple and other platforms have been exposed in one of the largest databases of cybersecurity breaches of all time, according to a Cybernews report.
Why it matters: Researchers say that this "is not just a leak — it's a blueprint for mass exploitation," the report said.
Yes, but: The Cybernews article notes there was "no centralized data breach at any of these companies."
- BleepingComputer.com also reports this was not a new data breach and says the involved websites "were not recently compromised to steal these credentials."
How to protect yourself from data breaches
Zoom in: A Google spokesperson told Axios that the issue did not stem from a Google data breach and the company encourages users to adopt more secure, passwordless authentication methods like passkey.
- Google also suggests using tools like its Password Manager to store passwords, which will notify you if they are involved in a breach.
- Meta introduced "passkeys on Facebook for mobile devices, offering another tool to safeguard your privacy and security."
Data breaches are more common than you think
Our thought bubble from Axios Future of Cybersecurity author Sam Sabin: Mega breaches like these are more common than people realize due to the increasing prevalence of infostealer malware.
- Turning on MFA will help prevent account breaches.
- It's also unclear how fresh the leaked passwords are, Sabin shares.
More from Axios:
- Costco changing hours for executive members on June 30
- RFK says Starbucks is going to "further MAHA its menu"
- Amazon announces its longest Prime Day is coming in July
Editor's note: The headline and opening sentence have been updated to clarify that the 16 billion compromised passwords represent a compilation of past known breaches (not a new breach).
