UAE-based cybersecurity experts are calling on companies to enhance their password security in light of a recent global breach that exposed over 16 billion login credentials. This alarming discovery included usernames and passwords from major tech companies such as Apple, Google, Facebook, Telegram, GitHub, and some government websites. Researchers from Cybernews reported these findings as part of an ongoing investigation that began earlier this year.

Rayad Kamal Ayub, managing director of Rayad Group, emphasized the severity of the situation in comments to Khaleej Times, stating, “The gravity of this situation cannot be overstated. This is weaponising intelligence at scary scales for extortion.” He warned that the sheer number of compromised login records creates substantial potential for misuse, as cybercriminals may exploit these datasets to execute more advanced attacks. Ayub noted that these records reflect current user behaviors, thereby increasing the effectiveness of phishing and other exploitation tactics.

Despite the UAE’s high ranking in the Global Cybersecurity Index 2024, Ayub strongly advised organizations to bolster password security. He recommended using password managers, enforcing minimum length and complexity standards, and enabling multi-factor authentication. Regular audits of access controls, monitoring for credential leaks, and implementing real-time detection solutions were also highlighted as crucial measures for companies to take.

Ayub pointed out that certain passwords related to popular culture and profane language were alarmingly common, with terms like ‘Ana’ appearing 178.8 million times, ‘Mario’ at 9.6 million instances, and others such as ‘Joker’ and ‘Batman’ featuring prominently in the dataset. He also noted that over 10 million passwords contained the word ‘apple’, while 4.9 million included ‘rice’, and 3.3 million included ‘pizza’.

Additionally, Carolyn Duby, field CTO and cybersecurity GTM lead at Cloudera, revealed that cybercrime is projected to cost the global economy $10.5 trillion by 2025, having already incurred a cost of $9.5 trillion in 2024. She highlighted the increasing frequency of ransomware attacks, which now occur every 11 seconds, and the rising average cost of a data breach, currently at $4.88 million. Duby recommended that companies utilizing automation and AI in their security operations can save an average of $2.22 million per breach.

Louise Bou Rached, director for the Middle East, Turkey, and Africa at Milestone Systems, echoed the need for a comprehensive approach to cybersecurity. She stated that protecting innovation and reputation requires more than just preventing breaches. Rached advocated for a layered, zero-trust strategy that includes constant verification of users, devices, and applications. She stressed that maintaining basic cyber hygiene and fostering cybersecurity awareness among staff is essential, as even the most sophisticated systems can be breached with a single click.