A leak of 16 billion passwords from major online service providers, including Apple, Google, and Facebook, poses significant risks for cryptocurrency holders. According to a report by Cybernews, this extensive breach includes numerous datasets containing billions of login credentials, which grant access to various online services. The datasets also contain infostealer dumps, such as tokens and cookies, heightening the threat for organizations without multi-factor authentication. Security analysts predict a surge in targeted account takeover attempts, particularly against custodial wallets linked to email access. Some wallets permit password-based seed-phrase backups in cloud services, enabling attackers to attempt to retrieve private keys. Depending on the outcome of these attacks, exchanges might require users to alter their passwords or take additional actions to safeguard assets. The incident underscores ongoing issues such as password reuse and poor authentication practices. Crypto users are urged to update their passwords, enable two-factor authentication, and refrain from storing recovery phrases in unsecured digital environments.

Source 🔗