'Infostealer' malware pulls off cyber-breach exposing billions of login credentials
It’s not just another data leak — it’s the World Cup of cyber breaches.
Over 16 billion login credentials have reportedly spilled onto the internet, making this the largest password breach in internet history.
Yes, your passwords might be part of the guest list.
Cybernews and Forbes uncovered the leak on Thursday (June 19), sending shockwaves through cybersecurity circles.
But a day earlier, on Wednesday (July 18), TechRadar had already reported that a researcher found 184 million unique credentials in an unsecured database, including logins for bank, health, government, and major tech platforms.
The unsecured database included login emails, usernames, passwords and more, as per TechRadar.
“This breach is unprecedented,” Akram Khazi, CEO of Dubai-based RAS Infotech, told Gulf News.
Khazi calls it a massive digital “storm”, with the potential to disrupt everything from personal emails to government systems.
What you should know – and do now:
Q: Why is it a big deal?
What really sets this password breach apart isn’t just its massive size — it’s the freshness and organisation of the stolen data.
Unlike your typical recycled password dump from a dusty old forum, this breach features newly harvested credentials, many of them gathered by sneaky “infostealer” malware.
“With such a vast amount of personal data now exposed, cybercriminals effectively have a feast of information at their disposal,” Akram added.
Khazi said the break-in, the result of infostealer malware, is a blueprint for global exploitation: One password could unlock not just your email, but your bank accounts, cloud files, and work systems.
Q: What does infostealer malware do?
Infostealers are digital pickpockets, quietly siphoning off usernames and passwords from infected devices, then uploading the loot to attacker-run servers.
The result? A hacker’s dream spreadsheet: clean, structured entries listing the source website, email or username, and password.
The data is pulled from at least 30 different datasets, each packing tens of millions to billions of records.
Bottom line: this isn’t just a leak — it’s a password goldmine. And the clock is ticking.
Q: Which sites are affected?
The breach contains usernames and passwords from tech giants like Apple, Google, Facebook, Telegram, GitHub, and even some government websites, as per Cybernews and Forbes.
Q: Who is affected by this breach?
Potentially everyone.
The breach spans global platforms. It includes data from hundreds of millions of users across various regions.
If you’ve ever logged into a popular site or app, there’s a real chance your data is in the mix.
Q: Why is this breach especially dangerous?
Security professionals warn that this isn’t “just another leak.” What makes it more threatening is:
Scale: 16 billion credentials.
Freshness: Many were stolen recently, not years ago.
Organization: Structured data makes exploitation easy.
Accessibility: These credentials are being sold or traded on dark web markets for low prices.
“What’s particularly concerning is that this is a recent breach — many affected users may not yet have updated their credentials. A major cybersecurity catastrophe could unfold over the coming months,” warned Khazi.
Q: What are tech companies and governments doing?
Google has urged users to shift from passwords to passkeys—a newer, phishing-resistant login method.
The FBI has warned against clicking on suspicious SMS links, which may be part of phishing schemes linked to the breach.
Cybersecurity firms like RAS Infotech are encouraging urgent, proactive action to prevent fallout.
Q: What should we do now?
RAS Infotech recommends immediate action:
Change passwords immediately, particularly for accounts that share credentials
Activate Multi-Factor Authentication (MFA) wherever possible
Avoid previously breached or commonly used passwords
Establish and follow a routine password update policy
Monitor accounts and devices for suspicious activity or login attempts
"This breach highlights the urgency of practicing good password hygiene and staying alert. Cyber resilience begins with each of us," said Khazi.