Cert-In issues advisory after data breach of 16 billion credentials, asks people to change passwords
NEW DELHI: Indian Computer Emergency Response Team (Cert-In) has issued a fresh advisory asking people to follow good cybersecurity hygiene following reports of a massive data breach involving 16 billion online credentials. FILE - The breach, first reported by the website Cybernews, includes usernames, passwords, authentication tokens, and metadata leaked from multiple platforms. (AP)
The breach, first reported by the website Cybernews, includes usernames, passwords, authentication tokens, and metadata leaked from platforms such as Apple, Google, Facebook, Telegram, GitHub, and several VPN services.
'This appears to be a consolidated dataset, and some of the credentials may be outdated or already changed. However, we're issuing the advisory to urge people to follow good cybersecurity hygiene,' a senior official at Cert-In, the country's nodal agency for cybersecurity incident response, said.
The advisory was first released on Monday.
The agency has urged individuals to update their passwords immediately, enable multi-factor authentication (MFA), and switch to passkeys wherever possible. The advisory also recommends running antivirus scans and keeping systems up to date to protect against malware.
The cybersecurity agency advised organisations to enforce MFA, limit user access, and use intrusion detection systems (IDS) and Security Information and Event Management (SIEM) tools to detect suspicious activity. It also recommended that companies check that their database aren't publicly exposed and ensure that sensitive data is encrypted.
The massive dataset, which is believed to be available on the dark web, has been reportedly compiled from 30 different sources, mostly through infostealer malware. The dataset could enable attackers to carry out phishing, account takeovers, ransomware attacks, and business email compromises, said the Cert-In advisory.
'This is a systemic red flag,' said Gaurav Sahay, cybersecurity expert and founding partner at Arthashastra Legal.
'The breach is decentralised, harder to detect, and much more difficult to fix. We're likely to see a wave of account takeovers, especially on cloud/email services, banking or fintech apps, developer platforms, and government portals.'
Sahay added that password reuse remains rampant, and the lack of MFA on many accounts makes even older credentials dangerous. 'This is a watershed moment in cybersecurity, a reminder that the human element remains the weakest link in digital security.'
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time of India
6 hours ago
- Time of India
Safran to set up maintenance centre in Hyderabad for M88 military jet engine powering Rafale
France-based Safran Aerospace on Tuesday announced plans to establish a new entity-Safran Aircraft Engine Services India-in Hyderabad, which will focus on the maintenance and overhaul of Rafale fighter jet engines, specifically the M88 engines. The initiative is expected to create approximately 150 new jobs by the end of next year, with the potential to add another 750 positions in subsequent phases, according to a press release from the Telangana government. Pierre Fernandez, General Manager of Safran Aerospace, met Industries Minister D Sridhar Babu and announced the plans. "We look forward to expanding our presence with the upcoming Safran Aircraft Engine Services India , focused on LEAP engine MRO services and scheduled to be operational before the end of the year, as well as a newly announced fourth site to provide maintenance for the M88 military jet engine powering the Dassault Rafale," the release quoted Fernandez as saying. Safran currently operates two world-class sites in Hyderabad: Safran Electrical & Power India, dedicated to manufacturing electrical harnesses for CFM LEAP engines and the Dassault Rafale fighter, and Safran Aircraft Engines Hyderabad, which specializes in the production of rotating parts for the LEAP engine's low-pressure turbine. Live Events The company expressed its gratitude to Sridhar Babu for inviting Safran to participate in a roundtable discussion with a delegation of French companies investing in Telangana, led by the Indo-French Chamber of Commerce and Industry, the release stated. "Over the past few years, Safran has benefited from significant support from the Telangana government. We are proud to contribute to the region's dynamic aerospace ecosystem and to help position Telangana as a major hub for the aerospace industry in India ," it added.
India.com
6 hours ago
- India.com
Good Wired Earphones of less than 500 Rs Amazon - Great sound at low price
You do not have to shell out much money to buy wired earphones that offer you good audio experience with clear sound, good bass and a mic in-built enabling you to use it to place a call. There are many good-quality wired earphones on Amazon below the level of 500 rupees. They are very good when listening to music, answering calls, online classes, or even when you need to chill on the favorite playlist. They are affordable in price and great in terms of performance and can be used daily. You can visit Amazon, which is a trustful online shop and find the latest models of wired earphones with the lowest prices. It provides a quick delivery time, hassle-free payment, and many user reviews that will assist you in the selection of the appropriate product. Amazon is a convenient, fast, and inexpensive place to shop either as a gift-buyer or to treat yourself without complicating the returns process and knowing you will receive a quality service. 1. Boat BassHeads 100 in-Ear Headphones with Mic Image source - Order Now The punchy sound of this earphone and fun design makes it known. It has in-built mic with tangle-free wire making it very ideal in daily music and clear voice calls. Key Features Strong bass and clear audio In-line mic for calling Tangle-free cable design Lightweight and comfortable fit 3.5mm jack for universal use The earbuds may feel uncomfortable after long hours of use. 2. Boult Audio BassBuds X1 in-Ear Wired Earphones Image source - Order Now This earpiece provides high quality sound and solid bass. Its hook ear designs keep it in position during exercises or when one is travelling. It is quite a good choice of music and movement. Key Features Noise isolation for better sound Secure ear loop design In-line mic and control Stylish, metallic finish Good fit for running or walking The ear loop may not fit well for people with smaller ears. 3. ZEBRONICS Bro in Ear Wired Earphones Image source - Order Now This earphone is perfect in daily use as it has good sound and mic performance. It includes soft earbuds and a powerful cable, which is compatible with phones, tablets, or laptops. Key Features Clear sound with good mids Soft silicone ear tips Built-in mic for voice calls Works with all devices Simple and neat design Bass output is lower than other models in the same range. 4. Xiaomi Wired In-Ear Earphones Image source - Order Now These headphones are small and powerful, which provides a good balance of audio quality with good bass. They are great when used to make calls, watch videos, or play, and the in-line controls provide easy access to switching around Key Features Balanced sound with smooth treble Built-in mic and control buttons Lightweight and easy to carry Comfortable for long use Great for music, calls, and gaming Wires are slightly thinner and may tangle with rough use. These are some of the low-cost and quality wired earphones which you should consider purchasing in the market under 500 rupees. All the models have a combination of sound clarity, comfort, and the convenience of use. This is where you can find a match with everything you need in daily use whether to get good bass, clear calls or a good fit without ear pains. All are compatible with most devices and ideal for students, travelers, and anyone who listens on the go. Shopping on Amazon means you get fast delivery, verified user reviews, and easy returns. There are just many cheap options as such you need not spend more to have your music or receive calls and have a comfortable time on it. The best way is to select the one which corresponds to your style and embrace wonderful audio on a daily basis! Disclaimer: At IDPL, we help you stay up-to-date with the latest trends and products. It should not be construed as an endorsement to buy. IDPL may make a very small commission from its sale if one chooses to buy the product from any of the links in this article.
Hindustan Times
6 hours ago
- Hindustan Times
Cert-In issues advisory after data breach of 16 billion credentials, asks people to change passwords
NEW DELHI: Indian Computer Emergency Response Team (Cert-In) has issued a fresh advisory asking people to follow good cybersecurity hygiene following reports of a massive data breach involving 16 billion online credentials. FILE - The breach, first reported by the website Cybernews, includes usernames, passwords, authentication tokens, and metadata leaked from multiple platforms. (AP) The breach, first reported by the website Cybernews, includes usernames, passwords, authentication tokens, and metadata leaked from platforms such as Apple, Google, Facebook, Telegram, GitHub, and several VPN services. 'This appears to be a consolidated dataset, and some of the credentials may be outdated or already changed. However, we're issuing the advisory to urge people to follow good cybersecurity hygiene,' a senior official at Cert-In, the country's nodal agency for cybersecurity incident response, said. The advisory was first released on Monday. The agency has urged individuals to update their passwords immediately, enable multi-factor authentication (MFA), and switch to passkeys wherever possible. The advisory also recommends running antivirus scans and keeping systems up to date to protect against malware. The cybersecurity agency advised organisations to enforce MFA, limit user access, and use intrusion detection systems (IDS) and Security Information and Event Management (SIEM) tools to detect suspicious activity. It also recommended that companies check that their database aren't publicly exposed and ensure that sensitive data is encrypted. The massive dataset, which is believed to be available on the dark web, has been reportedly compiled from 30 different sources, mostly through infostealer malware. The dataset could enable attackers to carry out phishing, account takeovers, ransomware attacks, and business email compromises, said the Cert-In advisory. 'This is a systemic red flag,' said Gaurav Sahay, cybersecurity expert and founding partner at Arthashastra Legal. 'The breach is decentralised, harder to detect, and much more difficult to fix. We're likely to see a wave of account takeovers, especially on cloud/email services, banking or fintech apps, developer platforms, and government portals.' Sahay added that password reuse remains rampant, and the lack of MFA on many accounts makes even older credentials dangerous. 'This is a watershed moment in cybersecurity, a reminder that the human element remains the weakest link in digital security.'
