26 Billion Exposed: Megabreach Uncorks Passwords, IDs from Top Platforms

Cybernews specialists, led by cybersecurity researcher Bob Diachenko, have identified a colossal data leak dubbed the “Mother of all Breaches” (MOAB), encompassing 12 TB of information and over 26 billion records. This unprecedented volume, aggregating data from thousands of previous leaks, has been reindexed and meticulously compiled.

The peril of this leak lies not only in its vast scale but also in its contents. The information spans numerous private databases, rendering the identification of data ownership virtually impossible. The leak contains not only standard credentials but also highly sensitive information, making it particularly valuable to malefactors.

Image: cybernews

The data includes a vast array of records from previous leaks. For instance, the largest volume of records, 1.4 billion, belongs to users of the Chinese messaging app Tencent QQ. Additionally, the leak features hundreds of millions of records from companies such as Weibo, MySpace, X, Deezer, LinkedIn, AdultFriendFinder, Adobe, Canva, VK, Daily Motion, Dropbox, and Telegram, among others. Furthermore, the leak has impacted records from various government organizations in the USA, Brazil, Germany, the Philippines, Turkey, etc.

Researchers emphasize that the consequences for users could be unprecedented. Many individuals reuse the same passwords across different accounts, potentially leading to widespread account attacks. Moreover, users whose data is included in MOAB may become targets of phishing attacks or spam.

Last year, DarkBeam, a company specializing in digital risk protection, experienced a massive data leak by leaving its Elasticsearch and Kibana interfaces unprotected. As a result, 3.8 billion records containing users’ email addresses and passwords from previously public and even unknown security breaches were exposed. For context, this leak accounts for 14.6% of the data volume of MOAB, underscoring the record-breaking scale of the current leak.