A massive data breach containing user information from numerous platforms has been discovered, making it likely the largest breach ever. Cybersecurity researcher Bob Dyachenko from SecurityDiscovery and the Cybernews team uncovered the 26 billion record "Mother of all Breaches" (MOAB) containing 12 TB of data from thousands of previous breaches as well as potentially unreleased information.
The leaked data originates from many sources, including major platforms like LinkedIn, X (formerly known as Twitter), Weibo, Dropbox, Tencent, and others. Records number in the hundreds of millions for these sites alone, including 1.5 billion from Tencent QQ, 504 million from Weibo, 360 million from MySpace, and over 200 million each from sites like AdultFriendFinder, Deezer, and LinkedIn.
Government organizations in countries like the US, Brazil, Germany, Philippines, and Turkey were also impacted by the breach.
Here are the details of what we know so far.
Billions of New Records Leaked
While much of the data comes from previous breaches, the sheer scale of MOAB makes it highly likely that new, unpublished information is included as well. Researchers estimate the difference could amount to billions of new records that have not been seen before this mega breach.
List of some of the companies whose data has been leaked. (Source: cybernews.com)
They believe the compiler of this data has a strong interest in aggregating and storing large troves of information and could be a malicious actor, data broker, or other service dealing heavily with user data. The motivation remains unclear, but the threat posed by such a massive store of sensitive information is extremely serious.
MOAB's size dwarfs past leaks, containing over triple the records of the largest 2021 “Mother of All Leaks.”
Massive Implications for Identity Theft and Targeted Attacks
The exposed information goes far beyond just credentials, most of it highly sensitive personal and account data. Researchers described the leak as "extremely dangerous" since threat actors could leverage the aggregated data for a wide range of malicious purposes. These include identity theft on an unprecedented scale, sophisticated phishing schemes, targeted cyberattacks against individuals or organizations, and unauthorized account access.
With so many reused usernames and passwords across the internet, credential stuffing attacks also become easier at this scale. Account takeovers can occur when credentials from one breach are used to access other accounts, especially when users reuse passwords between platforms.
Steps to Protect Yourself
We strongly advise that you use strong, unique passwords for all of your accounts, enable multi-factor authentication wherever it's available, monitor for phishing attempts, and refrain from oversharing personal information online.
The scale of this leak makes individual awareness and proactive security measures more important than ever before in the face of this unprecedented data exposure.