PANews reported on June 19 that according to Cointelegraph, the Cybernews research team revealed that 16 billion login credentials of online service providers including Apple, Google, Facebook, etc. were leaked, of which the largest number of records in a single database reached 3.5 billion. Researchers found that this data was mainly exposed through unencrypted Elasticsearch or object storage instances, and the leaked data included access tokens, session cookies, and account metadata stolen by information stealing malicious programs.

The incident poses a serious threat to the cryptocurrency industry: attackers could use the leaked credentials to launch targeted account takeovers, especially on platforms that host wallets or link emails. The fact that some wallets allow mnemonics to be backed up to cloud services further amplifies the risk. Security experts recommend that users update their passwords immediately, enable two-factor authentication, and avoid storing recovery phrases in non-secure digital environments. The original owner of the data is not yet identified, but researchers have confirmed that some of the databases may belong to cybercrime organizations.