The story unfolds under tension, but against the current. While bombs shake the Middle East, another front is aflame: the Internet. A digital earthquake has just exposed 16 billion identification data, according to Cybernews. Among them, access to Apple, Google, Facebook… Nothing discreet. Passwords, cookies, full sessions, laid bare. This is no longer a breach, it is a collapse. The era of stealthy cracks is over. The age of mass digital plundering has arrived.
There have been hacks that shook fintech, like Bybit’s $1.4 billion evaporated. But what’s brewing in the shadows of recent revelations might make this hemorrhage look like a mere scratch. According to Cybernews, 30 data sets have been identified, each containing up to 3.5 billion credentials. For comparison, that represents two credentials per human being on Earth. Researchers talk about leaks from malware, notably infostealers, capable of sucking up everything you type, click, or save.
Each line of these databases contains a URL, a username, a password. This opens the door to Apple, Facebook, Google, GitHub, government portals. The hackers did not break directly into these giants. But the harvested credentials allow entry quietly, bypassing walls through the most ordinary accesses: your already open sessions.
As Mario Nawfal explains:
This is not just a leak. It’s a roadmap for mass exploitation.
And the damages are not over. New databases emerge every week. The threat is active. Alive. And it learns.
What makes this leak particularly dangerous is the technology used to assemble the data. Cybernews researchers found the databases temporarily hosted on unsecured storages, like Elasticsearch or cloud objects. No sophisticated hack here: just negligence, an organizational flaw.
One of the data sets was linked to Telegram, another to Russia. One of them contained 455 million credentials. Cookies and authentication tokens were also present. In short, some hackers can access your accounts even if you change your password. And not all services automatically reset cookies.
Technology is a double-edged sword. It facilitates communication, exchange, innovation. But in the wrong hands, it becomes an accelerator of disasters. Experts talk about a new era in cyberattacks: moving away from Telegram groups to centralized bases ready to be exploited on a large scale.
One of the most striking quotes from the investigation is this, signed Cybernews:
This is not just a leak – it’s fresh, actionable intelligence at scale.
A cold, clinical phrase. It sums up the whole logic of industrialized cybercrime.
If the web giants tremble, so does the crypto community. Developers, traders, DApps all rely on secure access. And most use the same logins as everyone else: Google, Facebook, GitHub. In other words, the keys to Web3 have just been dropped in the street.
Even security initiatives in blockchain, like decentralized authentication, struggle to compete against this massive attack. Grok’s reply to Satoshi Club’s tweet clearly references the scope of this leak: this breach affects Apple, Google, and GitHub alike. And by extension, the crypto universe.
Here is what you need to remember:
The consequences are systemic. The technology used to secure access becomes itself a vulnerability vector. It is a brutal challenge for the entire ecosystem.
With 16 billion stolen data records, the Coinbase case, which involved nearly 70,000 victims last May, seems almost anecdotal. Yet it was enough to trigger a ransom demand and a loss of trust. So imagine what 16 billion digital entry points in the hands of bad actors can cause. Technology evolves fast. Cybercriminals do too. This time, the battle is fought silently… and in broad daylight.
