A staggering 16 billion passwords may have been compromised, according to Robert Falzon, the head of engineering at Check Point, a renowned security software firm. Cybersecurity expert Falzon lifted the curtain on how this shocking data breach occurred. He tweeted out some very important information on what people can do to safeguard themselves.
On June 20, 2025, The Canadian Press reported Falzon’s worries about the massive leak of passwords. He wondered if those other data points were probably pulled via infostealers, a class of malware that silently gathers sensitive information. “It just kind of sits and listens to the computer while you’re typing things from the keyboard,” he explained, shedding light on how these malicious programs operate.
Falzon underscored the challenges in tracing the source of leaked information. He warned that hackers are often pulling data from several different breaches. They’ll then compile it and compress it into one package, selling it all together on the dark web. “As a result of that, we end up with these giant repositories on the dark net filled with lists and lists and lists of usernames and passwords and credentials that have been stolen from users all around the world and that are being bought and sold as commodities,” he stated.
And the consequences of this large data leak go beyond just having to redial a number. Falzon highlighted that virtually everyone has experienced a data breach by now. He encouraged all to proceed from the standpoint that what they are producing and sharing could end up in these revelations. He warned about the dangers of reusing passwords, noting that this common practice can tremendously heighten the chances of an attacker gaining access to several accounts.
Falzon emphasized the very real threats that people face when their passwords are stolen, pointing out that hackers could be given access to sensitive private bank accounts. He cautioned that bad actors could take advantage of stolen credentials. Or peruse a host of other possibilities, from transferring loyalty points out of their accounts to your preferred retailers. The risks of identity theft are high, with criminals able to use stolen information to pose as victims.
Given these dangers, Falzon’s tips for bolstering your individual cybersecurity are timely and necessary. People need to use long, distinct passwords across all of their accounts and start using two-factor authentication when offered. By enabling these features, users can further strengthen their accounts to prevent unauthorized access.
“If hackers manage to get their hands on your password for Google, Apple, or Facebook, stealing your money and identity may be easier than taking candy from a three-year-old.” – Ignas Valancius
The sheer scale of this password dump should be a rude awakening to the game which millions of internet users worldwide are playing. With billions of credentials already out there being bought to the highest bidder, taking proactive measures to protect people’s most private information is vital. Falzon’s insights highlight the ongoing battle between cybersecurity professionals and cybercriminals, reinforcing the need for vigilance in an increasingly digital landscape.
