Digital Security Alert: Unique Passwords Essential For Data Safety

Cybersecurity measures are essential for ensuring privacy and data protection in today's digital landscape and the web users, businesses and corporate entities should opt for strong and unique passwords combined with multi-factor authentication (MFA) add layers of security to their personal and official email accounts, experts say.

Executives, analysts and cybersecurity specialists said key strategies must include implementing strong encryption to safeguard sensitive information, using MFA to enhance access security, and conducting regular security audits to identify vulnerabilities.

While referring to recent reports of a "16 billion password leak" that have sparked widespread concern, experts said businesses and commercial organisations should also educate employees on phishing and social engineering threats, promoting a culture of cybersecurity awareness.

“Utilising firewalls and antivirus software helps defend against malware and unauthorised access while regular software updates and patch management are crucial to address vulnerabilities,” according to cybersecurity specialists.

Go for Strong Password

Ezzeldin Hussein, Regional Senior Director, Solution Engineering, META, SentinelOne, said a strong password is the subscriber's first barrier-don't let it be the weakest link.

“While this recent leak aggregates old data, the danger remains current. Cybercriminals don't need new breaches when billions of credentials are still valid and reused. These massive compilations fuel phishing campaigns, credential stuffing, and identity-based attacks at scale,” Hussein told BTR.

"Passwords remain the first line of defence in cybersecurity, yet weak or reused credentials continue to be the leading cause of breaches worldwide. As cyber threats grow more advanced, relying on simple passwords is no longer enough - strong authentication practices are essential to safeguarding both personal and enterprise data."

"A password is more than just a key - it's the gateway to your digital identity. Strengthen it, protect it, and complement it with multi-factor authentication. Let this be a reminder - not just on World Password Day, but every day - that cyber hygiene begins with small but critical habits: changing default passwords, avoiding reuse, using password managers, and staying alert to phishing threats."

"Ultimately, the path forward is clear: we must shift toward passwordless authentication through biometrics, passkeys, and zero-trust identity models. A secure password is the first step toward a more resilient digital future. It's not just a personal responsibility; it's a shared mission across users, enterprises, and technology providers.”

Leading media outlets and publications have spent the past few days hyperventilating over reports of a colossal data breach that exposed more than 16 billion credentials. This is considered one of the largest data breaches in history and the records are scattered across 30 different databases including some of the global tech giants such as Apple, Facebook, Google, GitHub, Telegram, and even government platforms.

“Cybercriminals now have unprecedented access to personal credentials and could exploit them for account takeovers, identity theft, and targeted phishing attacks,” according to the report.

In response to the breach, Google has urged billions of users to switch from traditional passwords to more secure passkeys while the cybersecurity experts warned about suspicious SMS links, which could be part of widespread phishing campaigns tied to the stolen data.

Verify Links, Info First

Rob T. Lee, Chief of Research at SANS Institute, advised the web users, businesses and corporate entities to verify the links and information first before taking any action.

“After consulting multiple trusted CTI contacts, we've found no evidence of a fresh 16 billion-record password dump - no raw files or verified feeds have surfaced. This claim follows Forbes' May 17 article on“19 billion stolen passwords,” which similarly lacked source attribution and clarity on whether these figures overlap.”

He said the report's cited password-manager vendor, Keeper Security, isn't named as the origin of the data and makes no reference to any breach on its own website.

“Independent of the exact breach size, enabling multi-factor authentication blocks over 90% of account-takeover attempts. Our recommendation to all organizations and end users is simple: verify before you panic and implement 2FA today.”

Update Passwords Regularly

Peter Mackenzie, Director of Incident Response and Readiness, Sophos, said it is an important reminder to everyone to take proactive steps to update passwords, use a password manager and employ multi-factor authentication to avoid credential issues in the future.

“While you'd be right to be startled at the huge volume of data exposed in this leak it's important to note that there is no new threat here, this data will have already likely have been in circulation. These data sets are an amalgamation of information. What we are understanding is the depth of information available to cyber criminals. If you are concerned about your data being involved then using a service like can help you to check.”
Bernard Montel, Technical Director and Security Strategist - EMEA, Tenable, said data breach is a serious matter and everyone should protect its privacy through effective cybersecurity measures.

“Firstly, this is not a new data breach. It's the result of threat actors' use of infostealer malware that has silently scraped usernames and passwords during breaches. This data has been bundled, traded, and resurfaced across underground forums. That said, it's no less concerning,” Montel told BTR.

“Periodically we see this type of database surface, demonstrating that hackers have access to our online identities. Using scripts [a small program written in a programming language - such as Python, JavaScript, or Bash - that tells a computer step-by-step to do something] threat actors can trawl this treasure trove of information looking for patterns in passwords, but also credential reuse across multiple accounts. The latter is akin to a master key as it suggests the same combination will open multiple doors.”

As far as organisations are concerned, he said it's about understanding that this is a potential risk if these records correlate with over-privileged identities. Identities are the new perimeter given that compromised identities are at the center of nearly every successful cyberattack.

"Organisations must adopt an identity-first approach, that continuously validates permissions and access to prevent identity-based attacks before they occur," Montel said.

MENAFN26062025000049011007ID1109730477