By Davey Winder
Security researchers have warned that a database containing no less than 26 billion leaked data records has been discovered. The supermassive data leak, or mother of all breaches as the researchers refer to it, is likely the biggest found to date.
Here’s What You Need To Know
According to researchers from Security Discovery and CyberNews, the newly discovered database of leaked data runs to 12 terabytes in size and deserves the MOAB title.
The research team thinks that the 26 billion record database, found on an open storage instance, will likely have been compiled by a malicious actor or data broker. “Threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,” they say.
As well as data from Chinese messaging giant Tencent and social media outfit Weibo, records from users of platforms and services such as Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram is also to be found in this database. Worryingly, the researchers also say that records from an assortment of U.S. and other government organizations can be found.
If there is good news to be found in such a discovery, it is that little of this appears to be new data. Instead, the researchers say, it’s more a case of compiled records from thousands of previous breaches and data leaks.
What’s more, there are undoubtedly a large number of duplicate data records within this compilation. The inclusion of usernames and password combinations does, however, still mean this is a cause for concern. I’d expect a surge, if current levels aren’t high enough, in credential stuffing attacks over the coming weeks as a result.
“We should never underestimate what cybercriminals can achieve with such limited information,” Jake Moore, global cybersecurity advisor at ESET, says. “Victims need to be aware of the consequences of stolen passwords and make the necessary security updates in response,” Moore continues, “this includes changing their passwords, being alert to phishing emails following the breach, and ensuring all accounts, whether affected or not, are equipped with two-factor authentication.”
update: I have reached out to LinkedIn, Dropbox and Twitter/X for statements. Dropbox is dealing with my inquiry currently, Twitter/X sent a reply saying it was busy, but at least I didn’t get a poo emoji. A LinkedIn spokesperson told me: “We are working to fully investigate these claims and we have seen no evidence that LinkedIn’s systems were breached. You can find more information on how we keep members safe from scraping here. Meanwhile, several security experts have now commented on the implications of this database being out there.
Disclaimer
The information contained in South Florida Reporter is for general information purposes only.
The South Florida Reporter assumes no responsibility for errors or omissions in the contents of the Service.
In no event shall the South Florida Reporter be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in an action of contract, negligence or other tort, arising out of or in connection with the use of the Service or the contents of the Service. The Company reserves the right to make additions, deletions, or modifications to the contents of the Service at any time without prior notice.
The Company does not warrant that the Service is free of viruses or other harmful components
![Pinterest](https://pinterest.com/pin/create/button/?url=https://southfloridareporter.com/the-mother-of-all-breaches-26-billion-records-found-online/&media=https://southfloridareporter.com/wp-content/uploads/2024/01/hacked-system-dark-background-3d-illustration.jpg&description=Security researchers have discovered billions of exposed records online, calling it the “mother of all breaches."){kind=link}