16 billion logins, Apple included, exposed in massive data breach
2 Min Read
Researchers have uncovered 30 separate datasets, each containing up to 3.5 billion records, including data from social media platforms, VPN logins, and more.
-
A person works on a laptop, on June 19, 2017, in North Andover, Massachusetts. (AP)
Security researchers have uncovered what they describe as “one of the largest data breaches in history,” involving more than 16 billion compromised login credentials, including Apple accounts.
Speaking to Cybernews, the researchers warned that the breach gives cybercriminals “unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing."
In May, Wired reported on a "mysterious database" of 184 million records left exposed on an unsecured web server. According to new findings, that leak may have been only a fraction of a far larger breach.
Fraction of a far larger breach
So far, researchers have identified 30 separate datasets, each containing up to 3.5 billion records, compiled since early 2025. These include login details for social media, VPNs, developer tools, and corporate platforms, underscoring the massive scale and potential impact of the breach.
Researchers told Cybernews that the breach is far more than a simple leak, calling it a “blueprint for mass exploitation.” They emphasized the alarming structure and recency of the data, warning that this is not a repackaging of old breaches. "This is fresh, weaponizable intelligence at scale," they said.
The leaked datasets reportedly contain login credentials that grant access to a wide range of platforms and services, including Apple, Facebook, Google, GitHub, Telegram, and even various government systems.
Myriad of repercussions
According to researchers, a breach of this magnitude could fuel widespread phishing campaigns, account takeovers, and business email compromise (BEC) attacks.
What makes the breach even more dangerous is the organized nature of the data: URLs, usernames, and passwords are systematically indexed and bundled together for ease of use.
The report noted that most of the data was found temporarily exposed through unsecured Elasticsearch servers or open object storage buckets.
