When it comes to the private data of a large population of internet users, a password compromise is never welcome news. The revelation of a worldwide leak of 16 billion usernames and passwords, dubbed the mother of all breaches (MOAB), has caused a global panic. On 18 June 2025, the Cybernews research team reported that they had come across a plethora of massive data sets containing billions of login credentials, ranging from social media to corporate platforms. The breach did not originate from a single hack; it was a compilation of multiple data leaks accumulated over the years and compiled into what cybersecurity experts call a “COMB-style” (Compilation of Many Breaches) dataset. They stated that this data breach is not a leak but a blueprint for mass exploitation. Researchers from the Cybernews team claim that most of the datasets are a mixture of details from stealer malware and repackaged leaks, and there is a guaranteed presence of overlapping records.
Affected companies include tech giants such as Google, Apple, Facebook, Netflix, GitHub, Telegram and many others. Individual researchers and cybersecurity companies have, however, reported that no centralised data breach had occurred at any of these companies. These companies weren’t necessarily hacked; most of the data comes from previous breaches aggregated into one mega leak posted on underground forums. The infostealer logs have been found to contain login URLs for Apple, Google and Facebook login pages. While it is unclear who owns the data, the reported number seems to be a compilation of earlier breaches and relatively new ones.
Infostealers are malicious programs designed to gather sensitive information from a system, and the report names them as the agents responsible for the data breach. A report released earlier this year said that more than 500 million devices in 2023 were found to be infected with infostealers, with records including usernames, passwords and other personal and sensitive information. Infostealers work in conjunction with other types of malware on a device to ensure a more comprehensive attack. An infostealer operates and infects a device in 5 steps, namely: infostealer delivery, data collection, data exfiltration, data distribution, and further criminal activity.
Form 8-K is a document created under the United States Securities and Exchange Commission, which should be filed in case of a major event that will affect the operation of the company. Filing Form 8-K under section 1.05 implies the acknowledgement of a data breach by a publicly traded corporation. On 19 April 2024, the company AT&T filed a Form 8-K in response to a data breach where an individual had access to call logs of the users. It is vital to note that every corporation has to file a Form 8-K under the SEC when there is a data breach; even a corporation such as AT&T has publicly acknowledged a leak of user data. Tech giants Apple and Google, which are publicly traded companies, have neither filed a Form 8-K nor issued a fresh public statement. This implies that none of their current relevant data has been breached, and thus the corporations have not raised any alarm bells.
While the panic has risen, users can adopt a few preventive measures that will help them address the issue and understand if they need to worry about their login credentials being leaked in the MOAB.
- Two-factor authentication can be the most protective measure a user can enforce against breaches.
- Websites like https://haveibeenpwned.com are available for free for individuals to check if their Email IDs have been compromised in a breach. The website shows users the number of breach attempts that occurred and the ones that were successful with respect to their credentials.
- https://www.breachsense.com works along the same lines for corporate domains.
The incident calls for increased awareness of cyber hygiene among users, particularly individuals who previously did not make efforts to secure their credentials and email addresses. The event is a stark reminder of how punishing it can be to leave the personal and sensitive information of individuals unprotected on the internet.
If you want to understand more about data breaches, gain insights on how a breach occurs and stay safe and protected on the internet, visit https://cyber.tsaaro.com
News for the Week

- Supreme Court Lauds Tamil Nadu For Using Preventive Detention Against Cyber Offenders
The Supreme Court of India lauded the Tamil Nadu Government for using preventive detention laws to address the surge in organised cybercrimes. The Court was hearing a challenge to a preventive detention order under the Tamil Nadu Prevention of Dangerous Activities Act, 1982 against an individual accused of committing multiple online financial frauds. The individual had been involved in multiple frauds, and regular criminal laws failed to deter or prevent him from continuing cyber frauds. To break the cycle, the Tamil Nadu police recommended preventive detention under the Goondas Act, which was justified on various grounds, making Tamil Nadu one of the first Indian states to strategically use preventive detention laws against serial cybercriminals on a public scale.
https://www.livelaw.in/top-stories/normal-laws-unsuccessful-supreme-court-lauds-tamil-nadu-for-using-preventive-detention-against-cyber-offenders-295528

- New Malware targeting Android devices detected
A fresh wave of Android malware is targeting users through fake app stores and social media phishing links, according to cybersecurity researchers. The strain is known as Pix Pirate and is evasive, with the potential for a full device takeover. The malware creates fake versions of popular apps such as WhatsApp and Instagram, and hosts phishing campaigns through Telegram and Instagram, urging Android users to download Trojanized APKs. Eastern Europe and South Asia are the currently affected areas, and CERTs in multiple areas urge users to avoid side-loading APKs of apps. Experts call for tighter cybersecurity measures to take down rogue app stores and to regulate deceptive advertisements.
https://thehackernews.com/2025/06/new-android-malware-surge-hits-devices.html

- Interpol Warns of Sharp Rise in African Cybercrimes
A 2025 cybercrime report by Interpol reveals that the cybercrime rate in Africa has sharply increased in both scale and sophistication. These crimes seem fueled by poor infrastructure and low digital literacy, combined with expanding internet access. Online scams and ransomware are the most reported crimes. Social engineering schemes are on the rise, along with mobile-based financial frauds across sub-Saharan Africa. Interpol is increasing regional cooperation and digital forensic training to help African law enforcement respond more effectively. There is a new push for harmonised cybercrime legislation across the African Union, leveraging the Malabo Convention.