Alarming Discovery: 16 Billion Exposed Credentials Raise Infostealer Threat Concerns

Cybersecurity leaders have sounded the alarm. For the first time, they found more than 16 billion credentials exposed on the internet. Volodymyr Diachenko, co-founder of SecurityDiscovery, revealed what was probably the most alarming statistic. The credentials are drawn from 30 datasets and cover the platforms of all the big players, including Apple, Google, and Facebook. Their exposure represents a real danger to users globally.

Diachenko found the datasets exposed online, after their owners had improperly indexed them without sufficient password protection. “This is a collection of various data sets that appeared on my radar since the beginning of the year, but they all share a common structure of URLs, login details, and passwords,” Diachenko stated. His findings contribute to a growing alarm among industry professionals that these credentials could be weaponized by cybercriminals.

Simon Green, the new president of Asia-Pacific and Japan at cybersecurity provider Palo Alto Networks, was especially alarmed at how widespread the exposure was. He further cautioned that threats from infostealers, malware built to scrape personal information from devices, have grown worse. “Many modern infostealers are designed with advanced evasion techniques, allowing them to bypass traditional, signature-based security controls, making them harder to detect and stop,” Green explained.

These risks are exacerbated by how readily underground markets now provide “cybercrime-as-a-service.” Green said this shift has made cybercrime more accessible: bad actors now have unprecedented access to advanced tools and techniques. Ismael Valenzuela, the vice president of threat research and intelligence at Arctic Wolf, has brought some disturbing news: infostealer attacks increased dramatically, up 58% in 2024.

The complexities surrounding this issue are further highlighted by Europol’s European Cybercrime Centre, which has identified the “Lumma” infostealer as “the world’s most significant infostealer threat.” In May, Europol joined Microsoft and law enforcement agencies around the world to disrupt one of the largest malware campaigns. By March, this campaign had already affected a whopping 1 million devices across the world.

Diachenko suspects more than one party is behind the exposures he discovered over the year. He stressed that “someone, somewhere is having data exfiltrated from their machines as we speak,” underscoring the urgency of addressing this growing threat.

With malware and malicious online activity increasing in frequency, Simon Green recommends a shift to a “zero trust architecture.” This is the common-sense, people-focused approach to corporate protection that we should all support. It seeks to improve security protocols and safeguard sensitive information from future breaches.

Valenzuela echoed this observation, confirming that it is now more crucial than ever to stay ahead in the fight against cyber threats. He noted that all of us are more than a little susceptible to the infostealer threat. This reality has become one of the central assumptions of today’s digital world.

Data breaches create a “vast, interconnected web of compromised identities,” according to Green. This interconnectedness means that one breach can result in later attacks on other platforms or services. Diachenko is certain that many of the exposed login datasets he found will eventually fall into the hands of online scammers, to the great detriment of users’ security.
