Massive Password Leak Hits Tech Giants: Over 16 Billion Records Exposed on Dark Web
A staggering 16 billion passwords, including confidential login credentials from major tech platforms such as Apple, Google, Facebook, GitHub, Telegram, and even various government services, have reportedly been leaked and are now circulating on the dark web. Alarmingly, the compromised data includes not just login information but also sensitive, secret passwords.
According to a Forbes report citing Cybernews, the investigation was led by Cybernews researcher Vilius Petkauskas. It uncovered a mysterious and unsecured database containing 184 million records hosted on a web server.
In addition, Cybernews researchers identified 30 datasets, each containing up to 3.5 billion records. These include login credentials for social media accounts, VPNs, corporate portals, and developer platforms — all reportedly collected since the beginning of 2025. Researchers fear this data could soon be widely exploited.
Vilius Petkauskas stated, “We have been tracking this leak since early 2025. Our analysis found over 16 billion records across 30 different datasets, each containing tens of millions to as many as 3.5 billion user data entries.”
Experts believe the breach was primarily caused by infostealer malware — a type of malicious software that covertly copies usernames and passwords saved in browsers and transmits them to remote servers. The data has reportedly been organized in a structured format, with each entry listing a URL, username, and the associated password, providing a clear map of users’ login activities across platforms.
