The accounts collected in the wild nature
0 facebook X.com reds = ” “Hidden-Xs”> Bluesky
According to a study conducted by the cybersecurity command in Cybernews, 30 data sets containing more than 16 billion stolen accounting data appeared on the Internet. Researchers could not find out who owns the data set, but this is a huge violation that makes most others pale compared.
each of the 30 data sets contains tens of millions to 3.5 billion accounting data. These data sets include URL, entrance and password.
Of course, there is some coincidence between different data sets, so there is no certain way to evaluate how many people have influenced. The largest database of 3.5 billion records, apparently, was from the Portuguese-language groups of the population, while 445 million records were Russian.
Separate applications and services were in all the entrances, from Apple to Telegram, Facebook and much more. In particular, at least 60 million records were for a telegram.
data sets seem to come from malicious programs and data. They can work on a person’s device or on the web -site itself, so there is actually no specific essence.
digital hygiene will save you
an incredible violation of the data Shows how sophisticated poor actors will become. Nevertheless, it is important to understand that in more than ten years we are user names and passwords as the only entry method.
Apple ' S Private and Secure Passwors application is enough to protect your accounting data
First, users must emphasize this, but this is important, but it is important, Password manager. We are far beyond this, being a simple and comfortable utility and mdash; This is a lifebuoy.
regardless of whether you use iPhone or Android, Windows or Mac or even Linux, there are parameters for storing and managing your passwords. These tools, such as Apple Passwors, warn you about repeated accounting data and connect you directly on the website to change them.
Paid services, such as 1password or Dashlane, take it further, warning users when their logins appear in certain violations. Apple Passwors does this too, but paid services may have wider coverage or more detailed reports.
For the majority, a built-in password manager for any device that you use should be more than enough. But the reason I mention password managers is not for storage, this is for functionality.
each separate password that you save must be unique, the period. My password manager shows 429 unique passwords, each of which is accidentally generated by Apple.
Biometric protects the password application
Secondly, configure a two-factor authentication for each account that offers it. SMS is actually not a good option thanks to the attack vectors exchanging SIM cards, but this is better than nothing.
If the application offers 2FA through the code generator tool, Apple passwords can also generate these codes. If he offers a QR code, press and hold it to open it in passwords, or copy the hand code and insert it into the field in the password application.
, as soon as you set them up in choosing a password for choice, you can enter everything using the Face or Touch identifier. No need to know your accounting data.
users can go even further using Apple, to hide my email function when creating accounts. This function is designed to help spam not to accumulate in your main mailbox, but it serves the second goal, making it difficult for the hackers to bind your accounts with each other.
Finally, there is a new way to protect your data on the Internet called Passkeys. They rely on a hardware device, which is usually protected by biometria.
Passkeys setting, wherever they are available, and they will completely replace the user name and password. Some applications use them as a kind of 2FA, which is stupid, but still better than not being able to.
Passkeys mainly replace your user name and password with your hardware device and biometric. This is a reliable way to block an account.
passwords are available on iOS, iPados, MacOS, Browser extensions and Windows
Of course, in the most extreme cases, you can configure, where is the physical device, such as USB Drive, acts as a 2FA physical device. Users can configure this for their Apple account if they are concerned about hacking, but this should be reserved for political people, public figures and those who expect targeted attacks.
a leak of 16 billion accounting data is probably used to develop phishing schemes that will disclose more user data. Remember that the weakest part of whose security is the human element.
never open a link from an unknown number or email and never give someone personal information by phone if this is not a confirmed number or the one you personally scored. If you doubt whether the email or text is real, go to the browser and go into the account manually instead of clicking on the link.
Apple actually simplifies the management of unknown texts, calls and other fraudulent vectors in iOS 26. Calls and texts from unknown numbers are automatically moved to a new section in the phone or messages.
Basic hygiene on the Internet and password can be of great importance for the interference of criminals. And although some of them can take time so that the setting, as soon as everything is launched, you will never have to think about the name of the user or password again, even when there is a violation.
