Mother of all breaches – a historic data leak reveals 26 billion records: check what’s exposed​

The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak is almost certainly the largest ever discovered. The supermassive MOAB (Mother of all breaches) does not appear to be made up of newly stolen data only and is most likely the largest compilation of multiple breaches (COMB).

While the team identified over 26 billion records, duplicates are also highly likely. However, the leaked data contains far more information than just credentials – most of the exposed data is sensitive and, therefore, valuable for malicious actors. A quick run through the data tree reveals an astoundingly large number of records compiled from previous breaches. The largest number of records, 1.4 billion, comes from Tencent QQ, a Chinese instant messaging app. However, there are supposedly hundreds of millions of records from Weibo (504M), MySpace (360M), Twitter (281M), Deezer (258M), Linkedin (251M), AdultFriendFinder (220M), Adobe (153M), Canva (143M), VK (101M), Daily Motion (86M), Dropbox (69M), Telegram (41M), and many other companies and organizations.

According to the team, the consumer impact of the supermassive MOAB could be unprecedented. Since many people reuse usernames and passwords, malicious actors could embark on a tsunami of credential-stuffing attacks.

Security Affairs 01/22/2024