Privacy-focused technology company Proton has issued a warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on the dark web.
Through its Data Breach Observatory initiative, Proton is directly monitoring underground cybercriminal forums to identify and report data leaks in real time, helping businesses protect themselves before massive security incidents become public knowledge.
The ProtonVPN logo featuring a gradient triangle and bold text reflecting the brand identity of ProtonVPN, a popular VPN service provider
The company’s recent findings paint a concerning picture of the current threat landscape, with major corporations across multiple industries falling victim to sophisticated cyberattacks.
Proton’s dark web surveillance has uncovered breaches affecting telecommunications giants, financial institutions, technology companies, and transportation services spanning multiple continents.
Proton emphasizes that four in five small businesses have experienced recent data breaches, with single incidents potentially costing firms over one million dollars.
The company launched the Data Breach Observatory specifically because many breaches go unreported until significant damage has already occurred.
By proactively scouring dark web marketplaces where stolen credentials are bought and sold, Proton aims to provide early warnings that could prevent further compromise.
The exposed data typically includes highly sensitive personal information such as names, dates of birth, physical addresses, phone numbers, email addresses, passwords, and in some cases, social security numbers, banking details, and IBAN information.
This combination of data points makes identity theft and financial fraud significantly easier for cybercriminals to execute.
According to Proton’s Data Breach Observatory, the most recent breaches include Australian airline Qantas Airways with over 11.8 million records exposed in October 2025, German insurance provider Allianz Life with more than one million records compromised in September, and U.S.-based technology company Tracelo with 1.4 million records leaked.
Earlier in 2025, French telecommunications provider Free suffered a massive breach exposing over 19 million customer records, while Indian education technology platform SkilloVilla had 33 million records compromised.
These incidents span telecommunications, financial services, technology, retail, and transportation sectors, demonstrating that no industry remains immune to cyber threats.
Security experts recommend that businesses implement robust password management systems and multi-factor authentication as their first line of defense against credential-based attacks.
Proton advises organizations to regularly monitor for compromised credentials and immediately reset passwords when breaches are discovered.
| Company | Country | Records Exposed | Compromised Data |
| Qantas Airways | Australia | 11.8 million+ | Name, date of birth, physical address, phone number, email address |
| Allianz Life | Germany | 1 million+ | Name, date of birth, physical address, phone number, email address, social security number |
| Tracelo | United States | 1.4 million+ | Name, physical address, phone number, email address, password |
| INTERSPORT France | France | 105,782 | Name, physical address, phone number, email address |
| Free | France | 19 million+ | Name, date of birth, phone number, email address, IBAN |
| Orange Romania | Romania | 3.4 million+ | Name, date of birth, physical address, phone number, email address, username, ID number |
| Zacks Investment Research | United States | 5.4 million+ | Name, physical address, phone number, email address, username, password |
| SkilloVilla | India | 33 million+ | Name, physical address, phone number, email address |
| amai | Singapore | 10 million+ | Name, physical address, phone number, email address, password |
| PhoneMondo | Germany | 10 million+ | Name, date of birth, physical address, phone number, email address, username, password, IBAN |
The company provides detailed breach information through its observatory platform, enabling businesses to determine whether their data has been exposed and take appropriate remediation steps before attackers can exploit stolen credentials.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.
