Illustration by Avishek Das/SOPA Images/LightRocket via Getty Images
Researchers say they've uncovered one of the largest data leaks in history that involves many popular platforms.
The leak includes nearly 16 billion login credentials that could give cybercriminals access to social media and business platforms such as Apple, Gmail, Telegram, Facebook, GitHub, and more, researchers at Cybernews said this week.
Bad actors now have "unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing," the researchers said.
The number of exposed people or accounts is unknown. The researchers said the data likely comes from malicious software known as infostealers.
"What's especially concerning is the structure and recency of these datasets β these aren't just old breaches being recycled. This is fresh, weaponizable intelligence at scale," the researchers said.
Cybernews said researchers uncovered the leak when the datasets were exposed for a short period of time.
It follows the May discovery of a database containing more than 184 million credentials, including Apple, Facebook, and Google logins, Wired earlier reported.
If you're nervous that your logins are at risk, there are steps you can take to make your account safer.
You can't unring the bell of an information leak. However, you can take steps to identify if your credentials have been involved in any data breaches and protect yourself in the future.
You can check sites like Have I Been Pwned to see if your email has appeared in a data breach.
Turning on two-step authentication for your accounts can also help protect them from unauthorized access.
Platforms also offer resources to help users secure their accounts.
Google encourages users to use protections that don't require a password, like a passkey. It's one of the tech giants, along with Apple, Amazon, and Microsoft, that have been working to move users away from passwords to help secure their accounts.
For those who prefer to stick with passwords, Google's password manager can store login credentials and notify users if they appear in a breach, a spokesperson told Business Insider.
There's also Google's dark web report, a free tool that tracks whether personal information is floating around in online databases.
GitHub, an online coding platform, offers developers a guide on how to implement safety measures in their organizations. The site recommends creating a security policy, having strict password guidelines, and requiring two-factor authorization.
The data leak included logs βΒ "often with tokens, cookies, and metadata," which makes it "particularly dangerous for organizations lacking multi-factor authentication or credential hygiene practices," the Cybernews team said.
Meta offers a Privacy Checkup tool for users to review their privacy and security account settings. There, you can turn on two-factor authentication and ensure Meta alerts you of unusual logins.
Meanwhile, Telegram said its primary login method sends a one-time password to users over SMS.
"As a result, this is far less relevant for Telegram users compared to other platforms where the password is always the same," a Telegram spokesperson told BI about the data leak.
Apple, GitHub, and Meta did immediately respond to a request for comment on the data leak. Google said it was directing users to some of the security resources above.
AOP.Press/Corbis/Getty Images
Telegram cofounder and CEO Pavel Durov offered a quick personality assessment of some of his biggest tech rivals in a recent interview, calling Elon Musk "very emotional" and saying Sam Altman may not have the technical chops.
Durov, who was arrested last year after French authorities accused him of being complicit in letting criminal activity thrive on Telegram, pushed against the comparison some make between himself and Musk.
"We are very different. Elon runs several companies at once, while I only run one," he told the French outlet Le Point. "Elon can be very emotional, while I try to think deeply before acting." He added that Musk's perceived weaknesses, however, could also contribute to his strengths.
Both men have fathered many children βΒ Musk has at least 11 known kids, and Durov told Le Point that he has more than 100 through sperm donation. All of them, Durov said, will get a sliver of his billions (he's worth nearly $14 billion, according to the Bloomberg Billionaires Index).
When asked about Mark Zuckerberg's qualities and flaws, Durov said the Meta CEO "adapts well and quickly follows trends, but he seems to lack fundamental values that he would remain faithful to, regardless of changes in political climate or fashion in the tech sector."
Zuckerberg has made notable changes at Meta in recent months and since President Donald Trump came back into office, including ending diversity, equity, and inclusion efforts and third-party fact-checking. Durov has recently criticized the Meta-owned rival WhatsApp, calling it a "cheap, watered-down imitation of Telegram." A spokesperson for WhatsApp previously told BI that the app was "born with privacy in our DNA long before Telegram came along."
In terms of Altman's qualities and flaws, Durov praised his social skills, saying they've allowed him to make crucial alliances related to ChatGPT.
"But some wonder if his technical expertise is still sufficient, now that his co-founder Ilya and many other scientists have left OpenAI," Durov said, referring to the company's co-founder and former chief scientist Ilya Sutskever. He added that it will "be interesting" to track whether ChatGPT can stay ahead in the competitive world of AI chatbots.
Representatives for Musk, Zuckerberg, and Altman did not immediately respond to Business Insider's request for comment.
On Thursday, Telegram announced it had removed two huge black markets estimated to have generated more than $35 billion since 2021 by serving cybercriminals and scammers.
Blockchain research firm Elliptic told Reuters that the Chinese-language markets Xinbi Guarantee and Huione Guarantee together were far more lucrative than Silk Road, an illegal drug marketplace that the FBI notoriously seized in 2013, which was valued at about $3.4 billion.
Both markets were forced offline on Tuesday, Elliptic reported, and already, Huione Guarantee has confirmed that its market will cease to operate entirely due to the Telegram removal.
Β© Bloomberg / Contributor / Bloomberg
Login