Tether's founder reveals open-source local password manager

Late Thursday, Tether CEO Paolo Ardoino teased the release of PearPass, a fully local, open-source password manager, following the disclosure of what cybersecurity researchers are calling the largest data breach in internet history. The breach reportedly exposed 16 billion usernames and passwords from platforms including Apple, Facebook, Google, and several government services.

Ardoino shared the news via social media platform X, lambasting the security flaws of cloud-based storage. 

“The cloud has failed us. Again,” he wrote. “It’s time to ditch the cloud.” His statement was in direct response to the breach that experts have called a “blueprint for mass exploitation.”

Tether CTO mulls new password manager

Ardoino, whose company Tether issues the world’s most-used stablecoin, USDT, described PearPass as the solution to failures in cloud-based security systems. He reiterated that PearPass will be “fully local” and “open-source,” meaning users will store all their data, including passwords and encryption keys, directly on their devices rather than on remote servers.

“No cloud. No servers. No leaks. Ever,” Ardoino remarked.

Tether has not confirmed if PearPass will be integrated with any existing platforms. However, the company’s previous ventures provide some clues. 

The cloud has failed us. Again.
16 billion passwords just leaked.
It’s time to ditch the cloud.

That’s why we’ve been building PearPass — coming soon.

A fully local, open-source password manager. No cloud. No servers. No leaks. Ever.

Just you — and your keys, stored securely… https://t.co/FkL1wrdpCo pic.twitter.com/wynlieJ2E4

— Paolo Ardoino 🤖 (@paoloardoino) June 19, 2025

In 2022, Tether partnered with Holepunch and Synonym to launch Pear Credit, a peer-to-peer financial system enabling decentralized lending. 

Largest credential leak exposes password hashes 

According to a report from Forbes, the private information dump involves login credentials harvested from several platforms and online services, the most known breach of its kind.

Cybersecurity researchers have identified 30 distinct datasets linked to the breach, each containing an average of 3.5 billion records. The compromised data was supposedly stolen from social media platforms, VPN providers, developer portals, and both corporate and government accounts. 

Investigators noted that many of the stolen credentials appear to have been gathered as recently as early 2025

Another analysis of the dataset said it includes stolen data from infostealer malware, credential stuffing operations, and repackaged leaks from previous breaches. 

There is currently no reliable method to determine how many unique users have been affected due to overlapping records, but analysts confirmed that the data follows a pattern of URLs, followed by login details and a password hashes.

This format is used by modern infostealers and involves malicious software that can extract sensitive data such as credentials, browser cookies, and tokens from infected devices. 

“The inclusion of both old and recent infostealer logs, often with tokens, cookies, and metadata, makes this data particularly dangerous,” researchers noted.

Philosophy of security in technology

The timing of PearPass’s announcement is against the backdrop of CEO Ardoino’s advocacy for technologies that function independently of centralized infrastructure. In a June 19 podcast talk with tech investor Anthony Pompliano, he explained his vision for “worst-case scenario” tools.

“If we are living in a disaster scenario, we need to be able to have technology that works locally first,” Ardoino said. “My mission is to prove that you can build great technology that is human-first.” 

He mentioned the work of Tether’s encrypted P2P platform HolePunch, and a new artificial intelligence runtime, Tether AI, as examples of this philosophy.

Tether AI is being designed as a device-agnostic, open-source AI framework that can run offline and integrate directly with crypto wallets through Tether’s wallet development kit (WDK). 

Outside of developing security solutions, the US Department of Justice credited the stablecoin issuer earlier this week for the seizure of roughly $225 million in USDT, linked to a global “pig butchering” scheme.

Cryptopolitan Academy: Coming Soon - A New Way to Earn Passive Income with DeFi in 2025. Learn More