A recent report from Cybernews spotlighted the discovery of 30 datasets containing 16 billion login credentials from major tech platforms, including Apple, Google, and Facebook.
The datasets were identified over the course of this year by Volodymyr Diachenko, co-founder of the cybersecurity consultancy Security Discovery, and were suspected to be the work of multiple parties using infostealer malware. This type of software extracts sensitive—and often financial—data from infected devices.
A data breach of this magnitude would rank among the largest in history. However, questions soon emerged about the validity of Diachenko’s findings. BleepingComputer reported that the incident was not a new data breach at all, but rather a compilation of previously leaked credentials stolen by infostealers.
Cyberscoop separately substantiated this assertion, reporting that a Google representative told the outlet the credentials weren’t obtained through a new breach. Instead, the stolen data had likely been circulating for some time before being collected and repackaged.
A Substantial Trove
Even if the data is mostly old, this trove of personal information is a testament to the threat posed by infostealers. Last year’s infostealer-driven breach at cloud storage company Snowflake led to data being stolen from more than 150 companies and more than $2 million extorted from victims.
There has also been an uptick in infostealer attacks. Roughly three-quarters of the 3.2 billion credentials stolen last year were obtained through infostealer malware. Additionally, modern infostealers are equipped with increasingly sophisticated evasion techniques, making them harder to detect.
A Constant Barrage
While there is no debate that infostealers pose a legitimate threat, detractors of the Cybernews report have pointed out that exaggerating claims about data breaches could have harmful effects.
The constant barrage of news about leaks and breaches has desensitized many consumers, who now believe their information has already been compromised and there’s little they can do about it.
However, reporting any compromise remains one of the most important ways to combat fraud. Especially for financial institutions, which are increasingly targeted by infostealers, sharing accurate data on threats is a key strategy for defeating bad actors.
