A record-breaking data breach has exposed 16 billion login details from Apple, Google, Facebook, and other services, sparking major concerns for crypto holders. The leak, discovered by Cybernews researchers, threatens accounts tied to wallets and exchanges, especially those without strong security.
The breach was reported after researchers found 30 exposed databases, some holding over 3.5 billion records each. While most of these datasets had never been reported before, one included a previously known collection of 184 million records. Cybernews stated the leaked information could lead to “mass exploitation,” warning that hackers now have access to “fresh, weaponizable intelligence at scale.”
The exposed credentials reportedly came from unsecured Elasticsearch and cloud storage systems. These included not just usernames and passwords but also cookies, tokens, and metadata.
Such data can be used to hijack almost any account, from social media and government logins to developer tools like GitHub and messaging apps like Telegram. With crypto wallets often linked to email addresses, stolen login info could allow bad actors to reset passwords, bypass security, or access funds directly.
Experts warn that custodial wallets are especially at risk. These are wallets managed by third parties, such as exchanges, where users don’t control their private keys. A stolen email and password could be all it takes to get in. In some cases, wallets backed up with password-based recovery phrases in cloud storage are also vulnerable.
According to Cybernews, “most of the data was previously unknown,” and its release opens the door to widespread account takeovers.
Crypto exchanges are expected to urge users to change their passwords and enable two-factor authentication (2FA). Weak passwords and reused logins make it easier for hackers to exploit leaked credentials.
Users are advised not to store recovery phrases or seed phrases in cloud platforms, as this could lead to wallet theft if accounts are compromised.
The breach affects nearly every major online platform, making it one of the biggest security threats in recent memory. In a digital age where one password can unlock an entire life, experts urge users to act fast.
Cybernews did not identify who leaked the data but said it’s “virtually guaranteed” that at least some of the databases were controlled by cybercriminals.
Also Read: Kraken Launches Native Bitcoin Staking With Babylon
