Data Breach Hasn't Dampened Infostealer Threat
2021's 16 Billion Credential Leak: A Compilation of Previously Leaked Data
In a shocking revelation, it has been confirmed that the 16 billion login credentials leak reported in 2021, which involved major tech companies like Apple, Google, and Facebook, was not a new data breach. Instead, it was a compilation of previously leaked data gathered from various older breaches and sources.
This massive dataset, often the result of combining credentials leaked over time from various leaks and breaches on the dark web, is a testament to the threat posed by infostealers. Infostealer malware, known for extracting sensitive and often financial data from infected devices, is believed to be the primary source of the stolen data in this case.
The nature of large-scale credential leaks is frequently that of compilations used by hackers for credential stuffing and phishing, rather than original breaches of the companies named. For instance, in incidents like the 23andMe breach in 2023-2024, hackers exploited reused passwords that were obtained from earlier, publicly known breaches, demonstrating how old leaked credentials are often repurposed.
High-profile "big" leaks involving billions of credentials often contain a large amount of outdated, duplicated, or faked data, which inflates their apparent scale. No confirmed reports from reliable sources indicate that Apple, Google, or Facebook suffered a new direct breach exposing 16 billion credentials in 2021. Rather, the leaked credentials associated with those platforms surfaced primarily through aggregations of older breaches or credential stuffing collections circulating on hacking forums.
The discovery of these 30 datasets containing 16 billion login credentials was made by Volodymyr Diachenko, co-founder of the cybersecurity consultancy Security Discovery, over the course of this year. This underscores the importance of sharing accurate data on threats, a key strategy for financial institutions to defeat bad actors.
In the face of an increasing number of infostealer attacks, it is crucial for individuals and businesses alike to prioritise cybersecurity measures, including the use of strong, unique passwords and regular updates to security software. Stay vigilant, and protect your digital identity.
[1] BleepingComputer. (2021). The 16 billion credential leak is not a new data breach, but a compilation of previously leaked credentials. [online] Available at: https://www.bleepingcomputer.com/news/security/the-16-billion-credential-leak-is-not-a-new-data-breach-but-a-compilation-of-previously-leaked-credentials/
[2] CyberScoop. (2021). Snowflake data breach: More than $2 million extorted from victims in infostealer-driven breach. [online] Available at: https://www.cyberscoop.com/snowflake-data-breach-infostealer-driven-extortion/
[3] Security Discovery. (2021). 30 datasets containing 16 billion login credentials from major tech platforms discovered. [online] Available at: https://cybernews.com/security/30-datasets-containing-16-billion-login-credentials-from-major-tech-platforms-discovered/
Businesses and individuals should prioritize cybersecurity measures, particularly in light of the 16 billion login credentials leak discovered in 2021. This compilation of previously leaked data, as revealed by Volodymyr Diachenko of Security Discovery, underscores the threats posed by infostealer malware, which is known for stealing sensitive data, including personal-finance information. Furthermore, the importance of data-and-cloud-computing security is highlighted by incidents such as the Snowflake data breach, where infostealers were used for extortion. Thus, it is essential to use strong, unique passwords, regularly update security software, and remain vigilant to protect digital identities.
