26 billion records found online

Martin Průcha, 14. 02. 2024


Security researchers have discovered 26 billions of records exposed online, calling it the “mother all leaks”. They apparently come from multiple sources and total 12 TB of data.

What records was leaked

The leak, which includes data from users of LinkedIn, Twitter, Weibo, Tencent and other platforms, is almost certainly the largest ever discovered. There are simply data leaks, and then there’s this. The supermassive “Mother of all Breaches (MOAB for short)” contains records from thousands of carefully compiled and reindexed leaks, breaches and privately sold databases. 26 billion records are stored in 3,800 folders, with each folder corresponding to a separate data leak.
Thus, it appears that the exposed dataset does not come from a single leak, but rather is a compilation from multiple sources. These files are often created by so-called data enrichment companies. Data enrichment is the process of combining first-party data from internal sources with disparate data from other internal systems or with third-party data from external sources. Enriched data is a valuable asset to any organization because it becomes more useful and insightful.
Although the team identified more than 26 billion records, it is very likely that duplicates will be found. However, the leaked data contains much more information than just login credentials – most of the exposed data is sensitive and therefore valuable to threat actors.

As for the source of the data, security researchers say the largest number of records, 1.4 billion, came from the Chinese instant messaging app Tencent QQ. However, there are also reportedly hundreds of millions of records from Weibo (504 million), MySpace (360 million), Twitter (281 million), Deezer (258 million), Linkedin (251 million), AdultFriendFinder (220 million), Adobe (153 million), Canva (143 million), VK (101 million), Daily Motion (86 million), Dropbox (69 million), Telegram (41 million) and many other services, companies and organisations.
The leak also includes records from various government organizations in the U.S., Brazil, Germany, the Philippines, Turkey and other countries. The scale of the leak is unprecedented. For example, in 2021, Cybernews reported on the COMB leak, which contained 3.2 bil

What threatens

Whether the data was leaked in a security breach, collected through scraping, or collected by a data enrichment company, the end result is essentially the same for those affected. Sensitive information is freely available and any cybercriminal can use it as they see fit.
This data set is very dangerous because threat actors could use the aggregated data for a variety of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts.
To find out if your data is exposed online somewhere, you can try a free digital footprint scan on the Malwarebytes website. Fill in the email address you’re interested in (it’s best to enter the one you use most often), and the company will send you a report with the results. You can also use the well-known Have I Been Pwned site, or the Cybernews data leak checker tool.
If there has been a breach and your passwords have been leaked in addition to your email, it would be a good idea to change your password wherever you used it and enable 2FA as soon as possible. Fraudsters are very good at using the information found in security breaches in social engineering attacks. Even the fact that your details may have been leaked in a breach is easily used by fraudsters to launch a phishing attack and see what else they can find out from you.
Last year, more than 2,000 companies and government entities reported data leaks, impacting more than 400 million personal accounts. Set up identity monitoring and receive alerts whenever your data is exposed in a new breach.
Not one of those affected? Check it out. You can check for data leaks on the well-known Have I Been Pwned site.

Autrhor: Trixit

picture: DALL·E

 


More posts