Change Your Passwords Now: Facebook, Instagram, Apple Hit by Massive Data Breach

A massive security breach has come to light, affecting 16 million login credentials across 30 databases. The breach has potentially compromised users of major platforms, including Facebook, Instagram, Gmail, Apple, and countless other services—making it possibly the largest credential leak in history.

The stolen data could give cybercriminals unprecedented access for account takeovers, identity theft, and highly targeted phishing campaigns, threatening both individuals and organizations. Internet users have been urged to change their passwords immediately.

CyberNews researchers uncovered the breach during an ongoing investigation that began in January 2025. Before the data was secured, it was briefly accessible through unsecured databases.

While Wired Magazine reported a single 184-million-record database in May, all other datasets involved in this breach were previously undisclosed.

What’s particularly alarming, the researchers said, is that the breach spans nearly every major online service, creating a "blueprint for mass exploitation."

The stolen data includes login credentials for platforms such as Facebook, Instagram, Gmail, GitHub, Telegram, various VPN services, and even government portals.

Each record reportedly follows a standard format—website URL, username, and password. According to researchers, this structure matches the collection methods used by infostealer malware, a type of malicious software designed to extract sensitive information from infected devices.

Experts warn that this breach represents "fresh, weaponizable intelligence at scale," rather than recycled data from older leaks.

In addition to changing passwords, cybersecurity professionals recommend:

• Enabling multi-factor authentication (MFA) wherever possible
• Using password managers to create strong, unique passwords
• Regularly monitoring accounts for unusual activity