Cybersecurity researchers are sounding the alarm over what they’ve dubbed the ‘Mother of all Breaches’ (MOAB), a colossal data breach that has exposed over 26 billion personal records. This incident is considered one of the largest data leaks to date, raising concerns about a potential surge in cybercrime.
The breach, discovered by Bob Dyachenko of SecurityDiscovery.com and researchers from Cybernews, uncovered sensitive information from major platforms such as Twitter, Dropbox, and LinkedIn on an unsecured web instance. Experts believe this breach could have severe consequences, leading to identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts.
The dataset, totaling 12 terabytes of records, appears to be a compilation of earlier breaches rather than a new security incident. While some records are likely duplicates, the sheer volume and sensitive nature of the information heighten the risk associated with this breach.
Among the impacted sites, Tencent’s QQ, a popular Chinese messaging app, stands out with 1.5 billion records exposed. Other major leaks include data from Weibo, MySpace, Twitter, LinkedIn, and AdultFriendFinder. Government organizations from the US, Brazil, Germany, the Philippines, Turkey, and others are also affected.
Experts emphasize the potential dangers associated with the breached data, as threat actors could exploit the aggregated information for various malicious purposes. The compromised records could serve as a foundation for identity theft, phishing attacks, and unauthorized access to personal accounts.
To check if individuals have been affected by historic data breaches, Cybernews has developed a data leak checker. Users can enter their email address or phone number into the search bar to determine whether their account information has been compromised. Cybernews is actively working to update the tool to include information from this latest breach.
Alternatively, Cybernews has created a searchable list of sites compromised by the breach. Users concerned about a specific site can search for its name to ascertain whether data has been leaked. Experts caution users not to provide more personal information online than necessary to minimize the risk of exploitation.
Jake Moore, global cybersecurity advisor for ESET, underscores the magnitude of the breach, emphasizing the potential consequences of compromised passwords. Users are advised to change their passwords, adopt two-factor authentication, and remain vigilant against phishing emails.
In response to the breach, cybersecurity expert Tory Hunt recommends using “Have I Been Pwned?” to check whether an email has been compromised in previous data breaches. Additionally, Hunt advises users to utilize a password manager, enable two-factor authentication, and stay informed about any breaches to enhance online security.