Lithuania's National Cyber Security Centre (NKSC) has issued an urgent warning, prompting users to protect their accounts in response to one of the largest known data breaches to date.
According to cybersecurity experts, the leak involving over 16 billion records from active user accounts worldwide spans major tech platforms including Apple, Google, Facebook, Telegram, GitHub, and Microsoft, among others.
In a statement, the NKSC, which operates under the Defense Ministry, said the scale of the breach poses a serious threat of mass cyberattacks, including account takeovers, financial fraud, and phishing schemes.
What makes this breach particularly alarming, according to the NKSC, is that the leaked information belongs to currently active accounts − not outdated or archived ones. Officials say it is likely that Lithuanian users are among those affected, and they are urging the public to take immediate action.
Recommended steps to protect your accounts
The NKSC advises users to change passwords on all important accounts, especially if reused across multiple platforms. Use strong, unique passwords for each service, stored in a reputable password manager, rather than saving them in your web browser. NKSC also highly recommends enabling two-factor or multi-factor authentication (2FA/MFA) on every account − email, social media, and online banking included, and checking if your email or data was compromised using tools like HaveIBeenPwned.com.
Furthermore, consider deleting sensitive information from email inboxes that could be accessed if an account is hijacked; regularly updating your operating system, apps, and browser extensions to patch known vulnerabilities; installing and maintaining a reliable antivirus program; and finally periodically reviewing app and extension permissions to remove unnecessary access.
The NKSC also stressed that cybersecurity is not just a technical issue − it’s a matter of personal responsibility. Even the strongest infrastructure can be undermined by human mistakes, such as weak passwords, outdated systems, or the failure to activate 2FA.
Report cyber incidents
Anyone who suspects they’ve been targeted by cybercriminals is encouraged to report the incident to the NKSC via their official portal: https://www.nksc.lt/pranesti.html
Authorities continue to monitor the situation and may release additional guidance as more details emerge.
What happened?
According to NKSC, part of the leaked data was collected through infostealer-type malware stealthy programmes that infiltrate devices and silently extract login credentials, browser histories, and other sensitive information, sending them to malicious actors.
These spyware tools are commonly installed via social engineering tactics, such as fake emails mimicking trusted institutions or companies. A single click on a malicious link or attachment can launch the malware, which then operates in the background, undetected.
Newsletter
Every Friday morning.
