16 billion users' passwords from Apple, Facebook, and Google have been leaked

Security experts have discovered what could be the largest password leak ever recorded, with an incredible 16 billion login details now exposed online. According to findings reported by Cybernews, researchers have been tracking this massive data breach since the beginning of 2025, uncovering 30 separate datasets containing anywhere from tens of millions to over 3.5 billion records each.

The leaked information includes passwords and login details for major services like Facebook, Google, Apple, GitHub, and Telegram, making it a serious threat to internet users worldwide. Research teams discovered that most of these datasets had never been reported before, making this discovery particularly alarming. The Cybernews investigation reveals that these aren't old recycled breaches but fresh data that criminals can use immediately for attacks. Most of the stolen information follows a clear pattern with website addresses followed by usernames and passwords, which is exactly how modern password-stealing software works.

The scale of this breach is truly massive, as Forbes reporting confirms that this represents the largest collection of compromised login credentials ever found in one investigation. Security expert Lawrence Pingree from Dispersive explains that intelligence agencies and criminals both use these types of password collections, often selling them individually or repackaging them multiple times on the dark web. The 16 billion leaked passwords mean there are about two compromised accounts for every person on Earth, though many records likely overlap between different datasets.

Forbes analysis shows that this data comes from multiple infostealer programs, which are malicious software tools that secretly steal passwords and other sensitive information from infected computers. What makes this leak particularly dangerous is that it contains recent data with session cookies and authentication tokens, not just old passwords. Security researchers warn that these credentials provide a blueprint for mass cyber attacks, including identity theft, phishing schemes, and unauthorized access to personal accounts across virtually every online service imaginable.

The discovery has prompted urgent warnings from cybersecurity professionals worldwide, with the Economic Times highlighting how this breach creates an unprecedented global security risk. Unlike previous password leaks that contained mostly outdated information, this collection represents fresh and highly organized data that criminals can immediately use for attacks. The stolen credentials were gathered through infostealer malware programs that secretly infected computers and collected login information from web browsers and applications. Economic Times reporting emphasizes that this breach goes beyond being just another data leak—it provides criminals with ready-to-use tools for widespread exploitation of internet users. The structured nature of the data makes it particularly valuable for automated attacks, where criminals can try thousands of password combinations quickly across multiple websites.

Security experts are calling this situation a global alarm because it affects users of every major online service, from social media platforms to government websites. The timing is especially concerning as more people rely on digital services for work, banking, and personal communication, making the potential impact of this breach far more serious than previous incidents.

To protect against this massive breach, security experts recommend immediately changing passwords on all important accounts, especially if you use the same password on multiple websites. Using a password manager to create unique, strong passwords for each account is now more critical than ever. Additionally, enabling two-factor authentication wherever possible adds an extra layer of security even if your password gets stolen. Experts also suggest regularly checking if your passwords have been compromised using legitimate breach-checking services and monitoring your accounts for any suspicious activity.