What We Know So Far About the Supposed ‘Mother of All Data Breaches’

By Lucas Ropek

Data breaches are so common these days that, when a new one gets announced, most web users can do little more than yawn and mutter something like “Yeah, no shit” before scrolling up to the next story in their newsfeed. This week, however, a breach was announced that was allegedly so earth-shatteringly huge that it managed to break through the internet’s wall of collective cynicism.

Dubbed the “Mother of All Data Breaches,” the breach is said to involve some 16 billion user credentials, and impact a vast number of accounts on platforms like Facebook, Google, and Apple. The breach was initially reported by Cyber News, a site that focuses on web security, and was written by the site’s deputy editor and researcher, Vilius Petkauskas. The story, published Wednesday, claims that the breach represents “one of the largest data breaches in history.”

Petkauskas’s article describes the discovered breach as “a plethora of supermassive datasets, housing billions upon billions of login credentials” that have been sourced from “social media and corporate platforms to VPNs and developer portals.” This data is sourced from “30 exposed datasets” that researchers say contains “tens of millions to over 3.5 billion records each.” Researchers say they were able to discover the exposed datasets due to insecure online protections, though they say the exposure was too short-lived for them to figure out who was “controlling” the data.

“This is not just a leak – it’s a blueprint for mass exploitation,” said researchers interviewed by the site. “With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.”

Continue reading