Proton Data Breach Exposes 300 Million Credentials on Dark Web Markets

Privacy-focused technology company Proton has issued a stark warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on dark web marketplaces.

The company’s findings highlight a growing threat to businesses and individuals worldwide as cybercriminals exploit compromised information for financial gain and identity theft.

Proton’s Dark Web Surveillance Initiative

Through its Data Breach Observatory initiative, Proton is directly monitoring underground cybercriminal forums to identify and report data leaks in real time.

This proactive approach helps businesses protect themselves before massive security incidents become public knowledge.

The company’s recent findings paint a concerning picture of the current threat landscape, with major corporations across multiple industries falling victim to sophisticated cyberattacks affecting telecommunications giants, financial institutions, technology companies, and transportation services spanning multiple continents.

Proton emphasizes that four in five small businesses have experienced recent data breaches, with single incidents potentially costing firms over one million dollars.

The company launched the Data Breach Observatory specifically because many breaches go unreported until significant damage has already occurred.

By proactively scouring dark web marketplaces where stolen credentials are bought and sold, Proton aims to provide early warnings that could prevent further compromise.

The exposed data typically includes highly sensitive personal information such as names, dates of birth, physical addresses, phone numbers, email addresses, and passwords.

In some cases, even more critical information like social security numbers, banking details, and IBAN information has been compromised.

This combination of data points makes identity theft and financial fraud significantly easier for cybercriminals to execute, creating substantial risks for affected individuals and organizations.

According to Proton’s Data Breach Observatory, recent breaches include Australian airline Qantas Airways, with over 11.8 million records exposed in October 2025, German insurance provider Allianz Lif, with more than one million records compromised in September, and U.S.-based technology company Tracelo with 1.4 million records leaked.

Earlier in 2025, French telecommunications provider Free suffered a massive breach exposing over 19 million customer records, while Indian education technology platform SkilloVilla had 33 million records compromised.

Security experts recommend that businesses implement robust password management systems and multi-factor authentication as their first line of defense against credential-based attacks.

Proton advises organizations to regularly monitor for compromised credentials and immediately reset passwords when breaches are discovered.

The company provides detailed breach information through its observatory platform, enabling businesses to determine whether their data has been exposed and take appropriate remediation steps before attackers can exploit stolen credentials.

Risk Factor Table

Cyber Awareness Month Offer: Upskill With 100+ Premium Cybersecurity Courses From EHA's Diamond Membership: Join Today