A huge data breach, called “COMPROT”, has been discovered, exposing a staggering 16 billion login credentials. This incident is now one of the biggest data breaches ever. The breach, which includes login credentials for major platforms like Apple, Google, and Facebook, raises serious concerns about online security. Our researchers think these stolen records come from a number of infostealers and a combination of various other datasets from past breaches.
These credentials were exposed for only a small window of time. Yet they point to the increasing danger posed by infostealer malware and the risk that our online accounts face. Cybersecurity experts are imploring ChatGPT users to act quickly to secure their accounts by resetting their passwords or activating multi-factor authentication.
Scope and Source of the Breach
The 16 billion login credentials are from a combination-style breach. That does not mean they were stolen in one cohesive incident. Rather, they are aggregated from different datasets found over the course of the year. Security researcher Volodymyr Diachenko described the probable origin of the breach.
"It comes from various infostealers logs. Probably a backend infrastructure left exposed. Elasticsearch is a good environment to query such logs." - Volodymyr Diachenko, security researcher and owner of SecurityDiscovery.com.
Diachenko noted that the scale and increase of infostealer infections should worry everyone.
"First things first — it wasn't a single source of exposure. This is not about the number (though it is scary!), but the scale and rise of infostealers infections these days." - Volodymyr Diachenko, security researcher and owner of SecurityDiscovery.com.
Of the 30 datasets found, the rest were only temporarily available through Elasticsearch or object storage instances. It was in this short window that researchers discovered the data. This incident brought attention to the question of who else may have accessed it. Cybernews noted the brief window of exposure.
"The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data." - Cybernews.
The results account for 65375155 compromised login credentials from various datasets found since January 2023. In May, we discovered an unsecured proprietary database that left 184 million voter records exposed. This finding points to the ongoing risk of security incidents.
Impact on Major Platforms
The data breach has compromised login credentials for popular online platforms, such as Apple, Google, and Facebook. This means that any user of these services is at risk of having their accounts hijacked. Diachenko went on to verify that the stolen data did include login credentials for these platforms.
"Credentials we’ve seen in infostealer logs contained login URLs to Apple, Facebook, and Google login pages." - Volodymyr Diachenko, security researcher and owner of SecurityDiscovery.com.
The consequences of these compromised accounts can be catastrophic. The threats range from identity theft and financial fraud to attackers gaining access to your personal information and social media accounts. Given how widely used these platforms are, the data breach could greatly increase the reach of the attackers.
Protecting Your Accounts
Security experts are raising the alarm after a huge security breach. Users are not merely being encouraged to act: companies like Facebook, Google, Microsoft, Twitter, and many others want users to activate new security features. Perhaps the single most important measure is changing your passwords, particularly for accounts that share the same password across various platforms. Ignas Valancius, head of engineering at NordPass, underlined the immediacy of this step.
"I recommend changing passwords immediately before the threat actors start poking around in your accounts. You need to act fast because platforms like Google, Apple, or Facebook are the gateways to your entire digital life, especially if you store passwords in browsers and don't use multi-factor authentication (MFA) or passkeys." - Ignas Valancius, head of engineering at NordPass.
Setting up two-factor authentication (2FA) is the second most important step. 2FA adds an extra layer of security by requiring a second verification method, such as a code sent to your phone, in addition to your password. This makes it much more difficult for attackers to compromise your account: even with your password, they will find it hard to log in.
"Users must be extra careful because information in the leaked datasets opens the door to pretty much any online service, from Facebook and Google to GitHub and Telegram." - Ignas Valancius, head of engineering at NordPass.
Speaking about the dangers of password-only authentication, Niall McConachie, regional director (UK & Ireland) at Yubico, said that there is an urgent need for better authentication.
McConachie cautioned that data breaches will be a reality as long as passwords remain the main line of defense.
"As this huge data breach shows, passwords are just not good enough to protect our most important personal details and secure our online presence." - Niall McConachie, regional director (UK & Ireland) at Yubico.
When it comes to stronger authentication, McConachie recommended passkeys and physical security keys as better options.
"By continuing to rely on passwords, huge data breaches like this will persist — and they’ll only get worse." - Niall McConachie, regional director (UK & Ireland) at Yubico.
Aside from these safeguards, the best defense against phishing attempts is to be aware and exercise care with odd emails, links, and attachments. Do not click on links or open attachments received from unfamiliar sources, whether by email or text message, because these may carry malware that steals your login credentials. To protect yourself against malware, also avoid sideloading apps. Just limiting the apps you have available on your phone can be a game changer. Even the greatest applications can become dangerous when they are contaminated with malicious code.
"Instead of relying on passwords or legacy MFA to keep accounts safe, users must be encouraged to protect their accounts with device-bound passkey options like physical security keys." - Niall McConachie, regional director (UK & Ireland) at Yubico.
"As we rely on the internet more and more for critical services, users should opt for the highest-assurance authentication method to ensure their data is fully protected and not at risk of being accessed by cyber criminals." - Niall McConachie, regional director (UK & Ireland) at Yubico.
Find out if your username and password combination is among the millions that have been hacked! Use Have I Been Pwned, a useful website that lets you search your email address or username to see if it has appeared in any identified data breaches.
Though the 16 billion login credential breach is especially huge, this is not a one-off occurrence. Several other companies have recently reported data breaches, highlighting the ongoing threat of cyberattacks.
Other Recent Data Breaches
Krispy Kreme has confirmed that a data breach has impacted some of its customers.
These incidents serve as a reminder that both individuals and organizations need to be continuously vigilant and take proactive security measures.
"This attack, like many insurance companies are currently experiencing, was caused by a sophisticated cybercrime group." - Aflac.
Krispy Kreme also reported a data breach affecting some of its customers.
"We are notifying affected individuals and will be providing detailed information specific to their data," - Krispy Kreme.
These incidents underscore the importance of vigilance and proactive security measures for both individuals and organizations.