These days, a lot of friends, colleagues and family members have brought up the subject of the “biggest password leak in history”, in which supposedly 16 billion passwords from Apple, Facebook, Google and other platforms have been stolen.
Rest assured: the databases of these platforms/services were not hacked! In fact, we’re talking about a massive collection of stolen credentials, harvested by infostealer malware.

What is an infostealer?
It is a type of malware designed to steal credentials, session cookies, credit card information, cryptocurrency wallets and other sensitive information. Quickly. And quietly.
How? Through phishing emails, infected USB drives or malicious downloads (fake/pirated software).

So how do you steal 16 billion credentials?
Looking closer at this claim, it was revealed that this breach is a compilation of previously leaked, very old data — and is also padded with fabricated credentials in order to exaggerate the value of this collection.

What can you do to protect yourself against infostealers?

1. Use a password manager → avoid saving passwords in browsers, use a dedicated password manager for storing and generating strong, unique passwords for every account.
2. Enable Two-Factor Authentication (2FA) wherever it is available.
3. Stay cautious with downloads → avoid cracked software and only download from official sites or trusted app stores. And remember: nothing is ever “free.”
4. Keep your systems updated → this means your PC & phone OS, browser and antivirus (please use one).
5. Watch for phishing → don’t click unknown links or download attachments if you’re not sure or if the message is unexpected.