In what is being dubbed the “Mother of all Breaches” (MOAB), a colossal data leak has surfaced, exposing billions of records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases.
- The leak’s scale is of as yet unseen proportions
Bob Dyachenko, a cybersecurity researcher and owner at SecurityDiscovery.com, along with the Cybernews team, discovered the enormous volume of exposed records on an open instance.
Initially, the owner of the database was unknown. However, Leak-Lookup, a data breach search engine, later claimed responsibility for the leaked dataset.
The platform posted a message on X (formerly Twitter), stating that the leak resulted from a “firewall misconfiguration,” which has since been corrected.
In a chilling revelation, the team uncovered a dataset, ominously dubbed the “Mother of All Breaches” (MOAB), that appears to contain more than just remnants of past data breaches.
The initial investigation suggests that this trove of data holds secrets never before exposed to the public eye. For instance, the Cybernews data leak checker, a robust tool relying on a staggering collection of over 15 billion records from more than 2,500 breaches, is now overshadowed by the MOAB.
This newly discovered behemoth comprises a jaw-dropping 26 billion records, meticulously organised into 3,800 folders, each a testament to a separate data breach.
While the sheer volume alone doesn’t definitively confirm the presence of entirely new information, the overwhelming number of records strongly hints at the inclusion of previously unseen data.
The implications are unsettling. Researchers suspect that the custodian of this digital Pandora’s box is likely to be a figure with dubious intentions—potentially a malicious actor, a data broker, or an entity dealing in the vast seas of personal information.
The discovery of the MOAB raises alarm bells across the cybersecurity landscape, signaling a dire need for vigilance and a reevaluation of data protection measures.
“The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorised access to personal and sensitive accounts,” the researchers said.
The supermassive MOAB does not appear to be made up of newly stolen data only and is most likely the largest compilation of multiple breaches (COMB).
While the team identified over 26 billion records, duplicates are also highly likely. However, the leaked data contains far more information than just credentials – most of the exposed data is sensitive and, therefore, valuable for malicious actors.
A swift examination of the data trove reveals an astonishing compilation of records amassed from previous breaches. The largest segment, a staggering 1.4 billion records, originates from Tencent QQ, the popular Chinese instant messaging app.
Yet, this is just the tip of the iceberg. The dataset also purportedly includes hundreds of millions of records from various well-known platforms including:
Weibo (504 million), MySpace (360 million), Twitter (281 million), Deezer (258 million), LinkedIn (251 million), AdultFriendFinder (220 million), Adobe (153 million), Canva (143 million), VK (101 million), Daily Motion (86 million), Dropbox (69 million), Telegram (41 million), and numerous other companies and organisations.
Disturbingly, the breach doesn’t stop at private companies. It also encompasses records from various government organisations across the globe, including the US, Brazil, Germany, the Philippines, Turkey, and several other countries.
The team warns that the consumer impact of this supermassive MOAB could be unprecedented. With many individuals habitually reusing usernames and passwords, this colossal leak could trigger a relentless wave of credential-stuffing attacks by malicious actors, posing a severe threat to global cybersecurity.
“If users use the same passwords for their Netflix account as they do for their Gmail account, attackers can use this to pivot towards other, more sensitive accounts.”
“Apart from that, users whose data has been included in supermassive MOAB may become victims of spear-phishing attacks or receive high levels of spam emails,” the researchers said.