A Lithubersecurity Lithuanian media indicates that it discovered a leak of 16 billion passwords that could grant access to Apple, Google, Facebook accounts and more.
CYBERNEWS warns that the data is “a plan for mass exploitation” because it could give cybercriminals unprecedented access to information that can be used for control cavities, identity theft and highly targeted attacks.
Here is what we know of the flight so far and how people can protect themselves from their repercussions.
What do we know about flight?
Cybersecurity experts strongly speculate that the data has been disclosed by the infosteator, said Robert Falzon, engineering manager at the Check Point security software company.
Infosteralists are dual malicious software elements by clicking, which then install something on their computer, “which is sort of and listens to the computer while you type things on the keyboard.”
Malware can detect when you connect to an account and can copy everything you have entered to send it to a compilation database of skills devices.
“Consequently, we end up with these giant benchmarks on the dark net filled with lists and lists and lists of user names and passwords and identification that have been stolen from users around the world and which are purchased and sold as raw materials,” said Falzon.
Are all of this disclosed data new?
It is to be discussed. Cybernews says that “the data is recent, not only recycled from old violations”, but others do not agree.
“It is really difficult to follow the Providence of all of this,” said Falzon, because some hackers bring together the data of several leaks to resell.
Get national news
For news that has an impact on Canada and worldwide, register for the safeguarding of news alerts that are delivered to you directly when they occur.
The only way to understand how new it is would be to get other leaks and compare data.
Why is it worrying?
“If pirates manage to get their password for Google, Apple or Facebook, the theft of your money and your identity can be easier than taking candy for a three -year -old child,” said Ignas Valancius, engineering manager of the Nordpass Cybersecurity Company, in a press release.
Indeed, hackers use the connections they obtain for the stuffing of identification information – a practice where criminals have access to accounts by entering connection information stolen from websites.
If you reuse your passwords on several websites or services, it may mean that a hacker can access your bank account and steal money, your favorite retailers and emptying your loyalty points or even find your address and your birthday and use it for an identity flight, said Falzon.
How can I know if my data was in violation?
Finding out if you have been the victim of the violation would take data and research for your identification information.
Because only an “extreme minority” of people has never been raped in general, Falzon said that you are always better by assuming that your information was part of the flight.
What can Canadians do to protect themselves?
Cybersecurity experts are unanimous in advising people to change their passwords regularly, especially after leaks to avoid becoming a victim of the farce of identification information.
But well before a violation occurred, they say that there are several things that people can do to protect themselves.
The most obvious is to vary your passwords and avoid reuse them. When you recycle passwords on several websites or services easy to guess, this means that hackers will not have many problems to access many of your accounts.
Multifactor authentication can also offer a safety layer. When someone tries to connect to an account, this forces him to enter an e-mail or SMS code before being able to access. The process helps users to thwart hacking attempts.
I have so many accounts to keep track and change my passwords with each violation makes it difficult to remember everyone. What can I do?
Some cybersecurity experts are fans of password managers. These services create solid and unique passwords for each account you have. Then, the manager stores them in a encrypted account which you can access quickly whenever you need to enter a password.
However, other experts argue that password managers can have different encryption levels and warn that if the one you use is raped, all your passwords can be vulnerable.
So what can I do else?
Many experts advise people to use pass keys when possible. Passkeys are digital identification information capable of unlocking accounts with a simple flash in your face or an analysis of fingerprints on your phone.
They are considered more secure than passwords because there are no chain of characters, numbers and symbols to memorize, which makes them more difficult to hack. They do not need to be changed, cannot be stolen by someone guess or take a look over your shoulder and there is no way to accidentally use one on the bad website.
Not all websites and services accept Passkeys, but several great players like Apple, Shopify, Microsoft, Docusign and Paypal.
& Copy 2025 the Canadian press