English
EN
A total of 16 billion user login data from major platforms such as Apple, Google, Facebook, GitHub, Telegram, and government services were found to be leaked and circulated in cyberspace. This leak did not come from the company's internal systems, but from the infection of the user's device by an infostealer-type malware that steals login data secretly.
Quoted from Forbes, Friday (20/6/2025), cybersecurity researchers from Malware Bytes found more than 30 different database files, each containing tens of millions to billions of data complete with usernames, passwords, and login URLs. This incident became one of the largest data leak incidents in history.
The consequences of these leaks are widespread and dangerous, especially for entrepreneurs who do not have a robust data security system. Some of the possible impacts:
Securing accounts after a major incident like this should be a top priority. This is so that the company continues to run and improve its reputation with clients. There are several steps that must be taken by entrepreneurs according to Rekadia:
The first step is to take inventory of all accounts connected to business operations, both internal (company email, admin dashboard, CRM) and external accounts (social media, marketplaces, advertising services). Includes access granted to employees, vendors, or third-party partners. Make sure you know who has what access, and revoke any access rights that are no longer relevant or at risk.
Use a password of at least 16 characters, combining uppercase, lowercase, number, and symbols. Avoid using the same password across multiple platforms. Strong passwords will be very difficult to guess or be hacked by automated systems.
2FA adds an extra layer of security by verifying the user's identity through a second method, such as an OTP code via SMS, an authentication app, or biometrics. Even if the password is leaked, the account is still inaccessible without this second factor.
Password managers like 1Password, Bitwarden, or LastPass Business can securely store all your credentials in one encrypted place. In addition to making it easier to login,this feature makes it easier to share access between teams without having to share passwords directly.
Provide regular training so that the entire team understands how to recognize suspicious emails, fake links, and psychological manipulation tricks that cybercriminals often use. Employee education is the first wall of defense.
Make sure all work devices (laptops, desktops, servers) are protected by quality antivirus and have an active firewall. Perform regular operating system and application updates to close security holes that malware can exploit.
Store copies of important data automatically and periodically, both on your hard drive and in your company's data centers. Use Rekadia's E-Office backup system that is encrypted and stored in different locations to avoid losses when ransomware attacks or system crashes occur.
Choose a file storage service provider that has high security standards, such as E-Office from Rekadia. Make sure data is stored in an encrypted format and access is protected with 2FA and strict authorization controls.
Enter your company's email address on haveibeenpwned.com site to check if your email is included in the leaked data. If so, immediately change the password and evaluate the account's security system.
By implementing these nine steps in a disciplined manner, entrepreneurs can minimize the risk of datal eaks, strengthen digital security systems, and maintain customer trust and business continuity.
The leak of 16 billion credentials shows that digital security should be a top concern for every internet user. The risks include not only account hijacking, but also identity theft and financial losses. For companies, the main risk is account hacking and theft of confidential data. The most important protection measure sare to immediately replace all passwords, enable Two-Factor Authentication (2FA), and strengthen cybersecurity across devices and teams.
📖Read more article: Effective Tips to Protect Work Files from Malware That You Should Know!
