CERT-In Issues Urgent Advisory Following Massive Data Breach of 16 Billion Credentials
New Delhi: The Indian Computer Emergency Response Team (CERT-In) has issued a fresh advisory urging all internet users to immediately update their passwords and adopt stronger cybersecurity measures after a massive data breach exposed approximately 16 billion online credentials.
The breach, first uncovered by cybersecurity website Cybernews, involves a consolidated dataset containing usernames, passwords, authentication tokens, and metadata leaked from multiple major platforms including Apple, Google, Facebook, Telegram, GitHub, and several VPN services. This vast trove of compromised data has raised alarm bells globally and within India’s cybersecurity ecosystem.
A senior official from CERT-In, India’s nodal agency responsible for cybersecurity incident response, emphasized that although some of the leaked credentials may be outdated or already changed, users should not take any chances. “This appears to be a consolidated dataset from various sources, and while some credentials may no longer be valid, it is important for everyone to practice good cybersecurity hygiene to protect their accounts and personal data,” the official said.
In the advisory, CERT-In has strongly recommended that individuals change their passwords immediately, especially for critical accounts such as email, banking, and social media. The agency also urges users to enable multi-factor authentication (MFA) wherever possible, which adds an additional layer of security by requiring a second form of verification beyond just a password.
Furthermore, CERT-In highlighted the importance of switching to passkeys, a newer authentication technology designed to replace traditional passwords with cryptographic keys, offering enhanced protection against phishing and credential theft.
The breach underscores the ongoing risks posed by cyberattacks and data leaks, particularly as more personal and professional activities shift online. CERT-In’s advisory serves as a critical reminder for users to remain vigilant and proactive about their digital security.
By following the recommended steps, users can reduce the risk of unauthorized access to their accounts and safeguard sensitive information in today’s increasingly interconnected digital landscape.
