In June 2025, a massive data breach exposed over 16 billion login credentials from major platforms including Apple, Google, Facebook, Telegram, and GitHub. This breach, identified by CyberNews researchers, involved data from 30 different datasets and is considered one of the largest credential leaks to date. The compromised data includes both recent and older login information, posing significant risks of phishing, account takeovers, and identity theft. Experts emphasize the urgency of adopting secure authentication methods, such as passkeys, and recommend enabling two-factor authentication (2FA) and using password managers.
Other Notable Breaches
- Aflac Insurance Breach: On June 12, 2025, Aflac, a major U.S. insurance company, experienced a cyberattack compromising customer data, including Social Security numbers and health information. The breach was attributed to the hacker group “Scattered Spider,” known for sophisticated social engineering tactics. While the full scope is under investigation, the incident highlights vulnerabilities in the insurance sector.
- UBS Data Exposure: UBS confirmed a cyberattack through an external supplier, Chain IQ, leading to the exposure of information about over 130,000 employees. The leaked data, including names and contact details, was reportedly published on the darknet. However, UBS assured that no client data was compromised.
- LexisNexis Data Breach: In December 2024, LexisNexis Risk Solutions disclosed a breach affecting over 364,000 individuals. Sensitive information, including Social Security numbers and driver’s license details, was accessed via the company’s GitHub account. The breach underscores ongoing concerns about data privacy and the need for stricter oversight of data brokers.
Protective Measures for Individuals
To safeguard against potential threats from these breaches:
- Update Passwords: Change passwords for affected accounts and avoid reusing them across different platforms.
- Enable Two-Factor Authentication (2FA): Add an extra layer of security to your accounts.
- Adopt Passkeys: Consider using passwordless authentication methods, such as passkeys, for enhanced security.
- Use Password Managers: Store and generate strong, unique passwords for each account.
- Monitor Accounts: Regularly check for unauthorized activity and set up security alerts where possible.