Every person on Earth had passwords stolen twice over. 16B credentials, one of the largest exposures ever.
Unlike traditional breaches, infostealer software infected millions of personal devices worldwide.
Modern infostealers harvest passwords, cookies, crypto wallets, screenshots. Specialized criminal roles emerge.
Fresh data, not recycled. 3.5B Portuguese creds in the largest set. URLs, passwords, session cookies.
Pentagon, Lockheed, Fortune 500 credentials exposed. Even 0.1% success = 16M compromised accounts.
Stolen session cookies enable persistent access without passwords. MFA gets bypassed via token reuse.
Apple, Google, Meta, Microsoft gave minimal response despite massive exposure. Breach communication failing.
Change passwords. Enable MFA everywhere. Monitor dark web. Use password manager. Adopt passkeys.
Adopt passwordless. Zero trust. Behavioral analytics. NIST CSF 2.0. Enterprise cost: $50K-$500K/year.
Passwords failed at internet scale. The future is passwordless and continuous verification.