Here’s your CyberMinute update from June 23.
Story 1: 6 billion passwords leaked
Over 16 billion stolen logins were found online—making it one of the largest data leaks ever. Most came from infostealer malware, which silently infects devices via phishing, malicious downloads, or drive-by attacks, stealing browser-stored passwords, cookies, and session data. This information is then sold or shared on dark web forums—sometimes for as little as $10. With this data, attackers can hijack accounts in seconds.
Experts urge everyone to update reused passwords, enable multi-factor authentication, and empower the workforce to adopt a password manager—immediately.
Story 2: AI is fuelling the next wave of data breaches.
Recent research by Varonis and Verizon showed that 98% of companies have employees using unsanctioned AI apps. These tools often bypass security, exposing sensitive data without anyone noticing. In fact, Most GenAI access is unsecured—72% of logins come from personal accounts, 60% lack single sign-on, and only 11% use fully secured corporate identities, leaving major gaps for attackers to exploit. Experts warn: lock down permissions, monitor app usage, and treat AI security as data security.
Story 3 Meta joins the passkey wagon
Meta just introduced passkey logins on Facebook and Messenger—letting users sign in with fingerprints, face scans, or PINs instead of passwords. Passkeys are stored locally and tied to specific domains, making them immune to phishing and password leaks. With companies like Google, Apple, Microsoft, WhatsApp—and now Meta—adopting passkeys, we’re seeing a major shift toward stronger, phishing-resistant authentication. Meta’s move underscores why passwordless security is becoming the new standard.
This pod was edited and produced by a human and narrated by me, an ai. If you enjoyed this briefing, why don’t you follow us and share it with someone who might like it as well.
