Global Password Breach Forces UAE Firms to Harden Security
A staggering 16 billion login credentials have been exposed globally, prompting cybersecurity experts in the UAE to call for immediate improvements in IT security. The breach includes data from major tech platforms such as Apple, Google, Facebook, Telegram, GitHub, and even some government websites.
Researchers at Cybernews, who uncovered the breach through an ongoing investigation, highlighted the critical risk posed by this fresh wave of data. “With more than 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing,” they warned. Notably, they emphasized that the data is recent and therefore far more dangerous.
Speaking to Khaleej Times, Rayad Kamal Ayub, a Dubai-based cybersecurity expert, expressed grave concern. “The gravity of this situation cannot be overstated. This is weaponising intelligence at scary scales for extortion.” He explained that current user behaviors reflected in the leaked credentials make phishing and impersonation more effective than ever.
Although the UAE scored highly in the 2024 Global Cybersecurity Index, Ayub urged organizations to act decisively. He recommended using password managers, enforcing complexity requirements, enabling multi-factor authentication, and auditing access controls regularly. Furthermore, companies must monitor for credential leaks and invest in real-time detection tools.
“It is advisable to hire professionals or cybersecurity companies to maintain databases and access control,” Ayub added, stressing that sectors like healthcare, banking, and retail should encrypt all sensitive data. He revealed that in the data dump, ‘Ana’ appeared in over 178 million records.
From ‘Batman’ to ‘Pizza’: Weak Password Trends Continue
The exposed dataset also revealed predictable and often inappropriate password choices. Profane words were found in 165 million passwords. Meanwhile, popular culture references such as ‘Mario’ (9.6 million), ‘Joker’ (3.1 million), ‘Batman’ (3.9 million), and ‘Thor’ (6.2 million) were widely used.
Food-related passwords remain surprisingly common. More than 10 million passwords featured ‘apple’, while ‘rice’ appeared in 4.9 million, ‘orange’ in 3.6 million, and ‘pizza’ in 3.3 million. These weak, easily guessed terms leave users especially vulnerable to automated brute-force attacks.
According to Cybersecurity Ventures, “Cybercrime is expected to cost the world $10.5 trillion by 2025, having already cost $9.5 trillion in 2024 alone.” She added that ransomware attacks now occur every 11 seconds, and the average cost of a breach has risen to $4.88 million.
However, she noted that companies using AI and automation save $2.22 million per incident on average. “All data is equal in the eyes of AI and will be used blindly, unless proper parameters are set,” Duby emphasized, stressing that securing personally identifiable information (PII) is the first and most crucial step in maintaining consumer trust.
Cybersecurity Requires Constant Action and Awareness
Louise Bou Rached, director for the Middle East, Turkey, and Africa at Milestone Systems, stated that reactive defense is no longer enough. “Companies must implement a layered, zero-trust strategy that goes beyond reactive defense and involves constant verification of each user, device, and application,” she said.
She also underscored the need for strong access controls, multi-factor authentication, endpoint security, and regular audits. In addition to that, maintaining cyber hygiene through staff awareness is vital. “Given that even the most sophisticated systems can be compromised with a single click, encouraging staff members through cybersecurity awareness training is equally crucial,” Rached explained.
In conclusion, UAE cybersecurity leaders agree: organizations must move quickly. Transitioning to a culture of continuous detection and protection is essential not just for safeguarding data, but for maintaining business continuity and trust in an interconnected world.
