In an almost comically predictable turn of events, the world has once again been mercifully graced with another event to keep us on our toes, a data breach so immense, it’s been dubbed the ‘Mother of All Breaches’ (MOAB).
This January 2024, 26 billion records were exposed, thanks to the efforts of those recognized agents: the hackers and, possibly, data brokers. But one thing is different with this one. This time, they’ve outdone themselves, compiling a treasure trove of information from X (FKA Twitter) with 281 million leaks, LinkedIn with 251 million leaks, Dropbox, Adobe, Canva, and Telegram, along with volumes and volumes of data from various government organizations worldwide.
Discovered by researchers at Security Discovery and CyberNews, and truth be told, between you and us, the Mother of all Breaches is less of a fresh hack and more of a best hits album of breaches, now all conveniently located in one unsecured online database.
“The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks,” according to the researchers. Adding that a massive cyberattack, and specifically this one, most likely includes identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive content.
Why the “Mother of All Breaches,” You Ask?
When we talk 12 terabytes of data, then the name seems fitting. This data collection is less ‘needle in a haystack’ and more ‘haystack in a needle store,’ with some of the data leaked from hundreds of websites, potentially releasing what appears to be hundreds of millions of records worldwide.
The highlight of this digital disaster? Chinese instant messaging app Tencent QQ, leading the event with 1.4 billion records exposed, alongside MySpace with 360 million, JD.com, and a variety of government agencies from the US, Brazil, Germany, Philippines, and Turkey.
Now, the minds behind this discovery assure us that much of this data is duplicated – because, of course, why have one copy of your personal information out there when you can have two? The silver lining? They say, is that this is mostly old news. But that doesn’t mean that we can undermine the enormity of the breach. However, the inclusion of usernames and passwords does add a certain je ne sais quoi to the situation, opening doors, and perhaps all the windows for a potential uptick in credential stuffing attacks.
The good old sequel.
In response to this cyber carnival, experts like Jake Moore from ESET advises that you change your passwords, as soon as possible, due the looming threat of phishing emails. Moore also highlights the using two-factor authentication. It’s almost as if we haven’t heard that advice after the last dozen data breaches.
“Cybercriminals cannot ever be underestimated with what they can achieve with even minimal information but if passwords have been take the victims need to be aware of the consequences and must make the appropriate security updates.”
For those of you losing sleep over whether your details are part of this digital debacle, fret not! Cybernews has graciously provided a tool to check if your email address has been part of this or any previous breaches. Because what’s more reassuring than confirming your personal information is floating around the internet?
Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecuritysections to stay informed and up-to-date with our daily articles.