There’s a very urgent warning for everyone with online accounts, and you’d be wise not to ignore it. Cyber security experts say they have just uncovered one of the biggest data breaches ever with it thought that over 15 billion passwords may have been exposed. Although it’s currently unclear exactly what accounts have been affected, now is not a time to be complacent. In fact, it’s vital you check and change everything that may give hackers access to personal data.

This includes Gmail, Facebook, Instagram and any online services accessed by your Apple, Microsoft and Google devices.

The worrying leak was discovered by the team at Cybernews who say they found 30 exposed datasets with some containing tens of millions of records whilst others had up to 3.5 billion.

“This is not just a leak – it’s a blueprint for mass exploitation,” Cybernews said.

“With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. What’s especially concerning is the structure and recency of these datasets – these aren’t just old breaches being recycled. This is fresh, weaponizable intelligence at scale.”

Luckily, it seems the data was only available for a very short amount of time, but it’s still vital to make some changes as soon as possible.

Along with tweaking passwords, it’s a good idea to add two-factor verification to accounts (2FA) as this won’t let you log in unless a code is sent to another device.

Where possible, you should change the way you log in to face or fingerprint recognition as these methods are almost impossible for crooks to crack.

It’s also a good idea to keep an eye on sites such as Have I Been Pwned, as these show if your accounts have been targeted.

When choosing a new password make sure it’s full of capital letters, symbols and numbers – it should also be at least eight characters long.

For example, if your current code is liverpool – you can make it far more secure by simply changing it to L1vep@ol.

It’s a really bad idea to use the same code for multiple accounts. Don’t forget that Apple and Google have services that will create and securely store passwords for you.

Don’t wait to make the changes as it could leave you in danger.