The post risks and urgent security measures appeared on BitcoinEthereumNews.com.

A massive leak of passwords compromises the security of accounts linked to services like Apple, Google, and Facebook, further complicating the protection of crypto financial assets.  The phenomenon involves over 16 billion credentials, highlighting serious vulnerabilities even for the holders of wallet and exchange platforms. Impact on cryptocurrencies and risks for users after the password leak  The Cybernews team, in a report dated June 19, analyzed 30 exposed datasets, each containing from tens of millions to over 3.5 billion credentials.  Overall, we are talking about approximately 16 billion exposed access credentials, an unprecedented number. These data mostly appeared on unprotected Elasticsearch instances or object stores, making entire previously unreported databases accessible to malicious actors, with the exception of one with 184 million records defined as “mysterious”. On average, each database included 550 million records, while the smallest still contained over 16 million entries. The compromised passwords concern global platforms of primary importance, including Apple, Facebook, Google, and Telegram.  The exfiltration also includes dumps of infostealer, containing tokens, cookies, and sensitive metadata, which increase the danger especially for institutions and users lacking multi-factor authentication (2FA). According to Cybernews, it is possible to access practically any imaginable online service with leaked credentials, putting personal and corporate accounts of all types at risk. For the crypto community, this data breach opens worrying scenarios. Security experts predict a sharp increase in account takeover attempts, meaning unauthorized acquisition of accounts, through the combined use of compromised credentials. In particular, the custody platforms of criptovalute and the wallet connected to email are extremely vulnerable.  Some wallets, in fact, allow the backup of seed phrase (the recovery phrases of private keys) through passwords stored on cloud services, increasing the risk that malicious individuals may gain access to digital funds. As a result, various exchange might adopt restrictive…

---

Filed under: News - @ June 19, 2025 5:25 pm