Over 16 billion login credentials from top online platforms, including Apple, Google, Facebook, and Telegram, have been exposed in one of the largest data breaches in history.
The leak was discovered today by the Cybernews research team, which includes sensitive information such as passwords, tokens, cookies, and metadata, putting millions of users, particularly in the crypto space, at risk of cyberattacks.
The dangers behind massive security breaches
The breach consists of 30 separate datasets, each containing between tens of millions and over 3.5 billion records. According to Cybernews, “None of the exposed data sets were reported previously, bar one […] a ‘mysterious database’ with 184 million records.”
The scale volume of leaked passwords—averaging 550 million entries per dataset—makes this one of the most severe cybersecurity threats in recent years.
Most of the data was exposed through unsecured Elasticsearch or object-storage instances, making it easily accessible to cybercriminals.
Researchers warn that this breach is not just a leak but “a blueprint for mass exploitation.” With billions of fresh credentials available, hackers now have “unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.”
Crypto users are at high risk
The cryptocurrency industry is particularly vulnerable, as attackers can use stolen credentials to target custodial wallets, exchanges, and cloud-stored seed phrases.
As a result of the breaches, the password-based backups in unsecured cloud services could enable hackers to gain access to private keys, resulting in significant financial losses.
The breach also highlights the dangers of poor security practices, such as password reuse and weak authentication.
Cybernews researchers emphasise, “The inclusion of both old and recent infostealer logs – often with tokens, cookies, and metadata – makes this data particularly dangerous for organisations lacking multi-factor authentication or credential hygiene practices.”
How African crypto users can protect themselves
Given the scale of the data breach, crypto users across Africa, particularly in countries with high adoption rates, such as Nigeria, South Africa, and Kenya, must act swiftly to protect their digital assets.
Here’s what security experts recommend:
Change your passwords immediately, especially for critical accounts such as email, cryptocurrency exchanges, and wallet services. Many platforms rely on email access for password resets, so a compromised email can be the key to your entire crypto portfolio.
Enable two-factor authentication (2FA) wherever possible. This adds an extra layer of protection by requiring a second verification step, such as a code sent to your phone or generated by an app, even if your password is stolen.
Avoid storing your seed phrases or recovery phrases in cloud services like Google Drive or iCloud. If your cloud account is compromised, so is your wallet. Instead, use offline methods such as writing them down and storing them in a safe place to reduce the risk of remote theft.
As Cybernews warns, “This is fresh, weaponizable intelligence at scale.”
With cybercriminals actively exploiting such breaches, vigilance and strong security measures are no longer optional—they are essential for protecting digital assets in Africa’s growing crypto economy.