One of the Largest Data Breaches in History: 16 Billion Records Exposed
In June 2025, the internet witnessed one of the largest data breaches in history. Over 16 billion unique records — including logins, passwords, cookies, and personal information — were discovered, all harvested by infostealers: malicious software designed to extract sensitive data directly from users’ devices. Contrary to some assumptions, this leak did not result from a hack of Apple, Google, or Facebook. The truth is far more complex — and far more dangerous.
What Really Happened
This wasn’t a targeted attack on a single company. Instead, it was the result of massive, systemic data harvesting via infostealers — malware that infects devices through phishing emails, pirated software, rogue browser extensions, or malicious websites.
Once installed, the infostealer silently grabs everything it can:
- logins and passwords;
- access tokens (bypassing two-factor authentication);
- saved browser cookies;
- browsing history, autofill data, confidential files.
This data is then sent to a command server controlled by cybercriminals. From there, it’s either sold on the dark web or leaked in bulk. The recently uncovered database consists of merged data from more than 70 separate servers. Some were even publicly searchable — hosted without passwords or with open APIs.
What Was Stolen
More than 16 billion records, mostly from 2024–2025. The leaked data includes:
- credentials for Google, Apple, Facebook, Telegram, TikTok, YouTube, PayPal, and many banks;
- accounts from government, corporate, and private systems;
- full user sessions, bypassing MFA entirely.
Much of it appears as so-called “log files” — revealing the site, device, and country from which the data was siphoned. Even employees of major organizations were affected.
How This Happened
- Malware-as-a-Service (MaaS): Anyone can buy an infostealer for a few dozen dollars, hide it in a pirated app or fake installer, and start harvesting.
- Human error: Many users still don’t use antivirus protection or rely on outdated browsers with unencrypted password storage.
- Poor server security: Some stolen data was stored on open-access servers by unskilled attackers.
- Global scale: Millions of computers were infected. A single careless click or installation was enough.
Why the Danger Is Real — Right Now
- Leaked tokens and cookies allow attackers to log in without passwords.
- The data is used for phishing, scams, crypto theft, business account takeovers, DDoS attacks.
- Most users don’t even realize they’ve been compromised — because no major company was directly breached.
Revelant
What You Should Do Immediately
- Change all your passwords, especially for email, banking, social media, and cloud services.
- Enable two-factor authentication (MFA) — ideally via apps like Google Authenticator or security keys (not SMS).
- Clear your browser’s autofill and saved passwords.
- Check if your data was exposed using tools like haveibeenpwned.com or Cybernews Leaks Checker.
- Avoid pirated software, unknown attachments, and suspicious browser extensions.
- Keep your system, antivirus, and browser up to date.
Don’t Panic — Act
This is not the first major breach, and it won’t be the last. But what makes this one unique is that it’s not a corporate hack — it’s an attack on individuals. The stolen data came from our sessions, our devices, our carelessness in saving passwords in browsers.
The scale of this breach makes one thing clear: the biggest vulnerability is not the hacker — it’s us. Tools for protection exist, but they only work when used. In the digital world, your personal boundary isn’t a wall — it’s a password. And if it’s weak, no company can protect you better than you can protect yourself.
About the Author
Related posts:
Silent Vulnerability: How Password Reset Became a Hacker’s Favorite Tool 
Multiple Citizenship in Ukraine: A Step Toward Reality, Not a Threat to Identity 
Draft Law No. 9363: automated enforcement or threat to rights? Tackling debt in the age of automation 
Staying the Course: What the Ukrainian Cabinet Actually Decided on May 27
