News spread early Fridaythat a record-breaking data breach exposed 16 billion passwords to the world,China including user credentials for the likes of Facebook, Google, Apple, and tons of other places. Some commentators were quick to call it the largest password leak in history, and in terms of raw records exposed, that’s mostly, technically true. However, these records did notcome from a single breach — or even a new breach. Instead, they came from many smaller ones.
Data breaches are an unfortunate reality in the digital age, and some of the breaches can be quite large. However, not every release of stolen data is the direct result of a recent cybersecurity breach. As Mashable recently reported in our countdown of the top cybersecurity breaches of 2025, hackers will often compile information from multiple prior hacks and combine them into one massive file. This is becoming a trend in the darker corners of the internet. The end result is more of a “greatest hits” rather than a new, noteworthy hack.
Such is the case here. Per Bleeping Computer, the information contained in the 16 billion records was most likely compiled from a host of prior hacks, compiled, and then released as a single set of data. It was likely circulating for some time before being compiled, and likely came from a combination of breaches, hacks, phishing scams, and malware.
This is backed up by a tweetfrom vx-underground, an educational website that specializes in malware and cybersecurity. “Someone took a bunch of existing leaks, threw it all together, and slapped a NEW stick [sic] on it.”
This Tweet is currently unavailable. It might be loading or has been removed.
However, the existence of all this data in one spot is still rather damaging, as cybercriminals now have access to all of this data in a single spot, potentially making it much easier to concoct more effective phishing scams or engage in identity theft.
The largest single-point data breach in history is still Yahoo’s 2016 breach, when hackers stole data about all three billion of the website’s users.
Mashable is live at VidCon 2025:Check out our VidCon coveragewith your favorite content creators now.
With so many records in one spot — even if some of them are legacy data that is no longer relevant — it’s still probably a good idea to take an audit of your online services to make sure you’re protected. A good place to start is Have I Been Pwned, a website dedicated to showing data breaches. Simply go there, enter your email address(es), and the site will show you which credentials have been exposed to the public.
We recommend changing those credentials immediately if you haven’t already, and using a strong password when you do so, as they are more difficult to crack. After that, you’ll want to enable multi-factor authenticationon every account you possibly can, as the added layer helps keep criminals from stealing your life if they obtain your password. That should be the bare minimum, but there are plenty of other steps you can taketo keep yourself safe online as well.
Have a story to share about a scam or security breach that impacted you? Tell us about it. Email [email protected]with the subject line "Safety Net" or use this form.Someone from Mashable will get in touch.
Topics Cybersecurity
Trump praises storm response as historic disaster unfolds in Houston
Best Pokémon building set deal: Get the Mega Pokémon Pokédex for $18.39
NYT Connections Sports Edition hints and answers for February 4: Tips to solve Connections #134
Dallas Mavericks vs. Philadelphia 76ers 2025 livestream: Watch NBA online
Best Apple Pencil Pro deal: Save $30 at Best Buy
Best tablet deal: Save $45 on Amazon Fire HD 10 tablet
Google offers voluntary buyouts to the Android and Pixel team
Best LG C4 OLED TV deal: Save $300 on the 65
Nishioka vs. Alcaraz 2025 livestream: Watch Australian Open for free
Best Pokémon building set deal: Get the Mega Pokémon Pokédex for $18.39
Best MacBook deal: Get $200 off 2024 Apple MacBook Air
Apple Intelligence getting more languages including German, Italian, and French
New York Knicks vs. Toronto Raptors 2025 livestream: Watch NBA online
Phoenix Suns vs. Portland Trail Blazers 2025 livestream: Watch NBA online
Best GPU deal: Get the MSI RTX 5080 for $1,249.99 at Best Buy
Affordable V
Scotland vs. Italy 2025 livestream: Watch Six Nations for free
Best mesh WiFi deal: Save $340 on eero Max 7 mesh WiFi system
Best vacuum deal: Get the Dyson V8 Plus cordless vacuum for $120 off
New York Knicks vs. Toronto Raptors 2025 livestream: Watch NBA online
15 best hangover helpers to give your drinking buddyFacebook admits hiring PR firm to attack billionaire George SorosIndiegogo CEO: We want Chinese entrepreneurs, not knock'The Lion King' trailer dredges up painful memories of one particular sceneAmnesty International takes aim at Google's censored search engineApple must pay up to $14.5 billion in Irish taxesHere are the best VMA behindHangry little hedgehog will only cheer up if you give him treats15 holiday songs that are super weird but we somehow still loveBlac Chyna poses pregnant and naked on the cover of 'Paper' magazineDramatic dash cam footage shows bystanders rescuing woman from burning car10 ridiculous things that could totally happen in 'Fantastic Beasts 3'Report: Blizzard working on 'Warcraft' meets 'Pokémon Go' gameDramatic dash cam footage shows bystanders rescuing woman from burning carU.S. says 5G networks are 'vulnerable' to undermine Huawei: reportGucci and Saint Laurent are working with Apple on inAmazon workers strike on Black Friday over working conditionsTransformers' prequel 'Bumblebee' announces tons of early screeningsThis pastor "flew" into his sermon — and it's amazingGoogle to request verification for political ads ahead of EU election Google Doodle honors Teacher Appreciation Week Apple launches 13 The Apple Watch can actually detect a dangerous heart condition The best games to secretly play at work 'Disney Gallery: The Mandalorian' Ep 1 has a great Dave Filoni story Model who posed nude at sacred Maori site says they're not Indigenous According to the preview of Kylie Jenner's show, You! Don't! Know! Kylie! Jenner! TikTok surpasses 2 billion global downloads 'Assassin's Creed Valhalla' revealed as a 9th century Viking adventure France dislikes Trump even more than Putin, so that's reassuring NYC subway will clean some cars for coronavirus with UV This Dungeons & Dragons gift guide is a critical hit Trump claims he made up the phrase 'prime the pump' and he absolutely did not Donald Trump is a big boy president who gets more ice cream than everyone else Melissa McCarthy is casually cruising through Midtown on Sean Spicer's podium Trump's Russian income is not being mocked at all. With few exceptions. Bon voyage': Elon Musk tells Twitter followers to get lost Can you guess which picture Trump wants hung in the White House? Zoom's web address is confusing the hell out of people The 11 most incredible ‘Transformers’ toys