WASHINGTON — A staggering leak of 16 billion passwords, reported by Forbes on June 23, 2025, has cybersecurity experts and the Better Business Bureau urging Americans nationwide to change their passwords immediately. Described as the largest data breach of its kind, the leak involves credentials from major tech platforms like Apple, Google, and Facebook, raising alarms about digital privacy and security across the country.
“Scammers are everywhere, they’re smart, and technology makes it easier for them to get access to you,” said Carmen Million, president of the Better Business Bureau of South-Central Louisiana. “It doesn’t matter what your education is, what your background history is, it doesn’t matter where you work, if you are on the internet, if you are in social media, you are a potential victim.”
The breach, uncovered by cybersecurity researchers, comprises 30 datasets of login credentials aggregated from sources like infostealer malware. While not a centralized breach at companies like Apple, Google, or Facebook, the exposed credentials heighten risks of identity theft, phishing scams, and unauthorized account access, affecting millions of users nationwide.
Million emphasized immediate action to safeguard accounts. She advised Americans to update passwords across all platforms and enable two-factor authentication as an additional layer of protection. She also warned against using easily guessable information in passwords, such as pet names, family members’ names, or personal details often shared on social media.
“They tell people about their dogs and their family members and favorite colors and their parents’ names, and in most cases, people are going to use the easy way when they make passwords and they are going to use that same information in their passwords, so we want you to think outside the box,” Million said.
Cybersecurity experts at Louisiana State University, reflective of national research efforts, expressed shock at the breach’s sophistication. Faculty advisor Golden Richard said, “I am still amazed at the level of sophistication. So, it’s not space lasers, but it feels that way. It almost feels supernatural, honestly.” Richard noted that even strong defenses may fall short as cyberattacks grow more advanced. “In this circumstance, there’s really not, there’s no silver lining because the attacks are becoming more sophisticated, corporations and agencies, and not terribly careful with data,” he said.
The Better Business Bureau provides resources for those impacted. “If you do feel like you are the victim of a scam, you can go to BBB.org/scamtracker and log the scam — that allows us to know the scam in that area, but protect yourself, be your first line of defense,” Million said. Individuals can report incidents at BBB.org/scamtracker to help track and combat scams locally and nationally.
The leak highlights the ongoing tension between digital convenience and privacy in the U.S., where reliance on tech giants for services exposes users to risks when credentials are compromised. Cybersecurity professionals recommend using unique, complex passwords and password managers to bolster security. The breach’s scale underscores the need for heightened cyber hygiene among Americans, from urban centers to rural communities.
With cyberattacks becoming more prevalent, experts urge vigilance. The FBI reported over 800,000 cybercrime complaints in 2024, with losses exceeding $12 billion, signaling a growing threat. The current breach amplifies these concerns, prompting calls for stronger data protection practices by corporations and individuals alike. Americans are encouraged to act swiftly, avoid password reuse, and limit sharing personal information online to reduce vulnerability in an increasingly sophisticated cyber landscape.
