Click to Skip Ad
Closing in...

26 billion private records leaked in ‘mother of all breaches’

Published Jan 24th, 2024 8:25PM EST
Cyber attack on a computer.
Image: Wanniwat Roumruk/Getty Images

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Somehow, one of the largest data breaches in recent memory has already been trumped. This week, the Cybernews research team and SecurityDiscovery.com owner Bob Dyachenko worked together to uncover a data breach containing 12 terabytes of information spread across 26 billion records. They claim the leak is possibly the biggest ever discovered, with user data from popular sites such as Tencent, Weibo, MySpace, Twitter, and LinkedIn.

As with most leaked datasets anywhere near this large, much of the data has appeared before in previous breaches. That said, Cybernews notes that its data leak checker relies on data from the biggest breaches, and it “only” contains 15 billion records.

Even if there aren’t 11 billion never-before-seen records within the leak, the researchers suggest that there is a high likelihood it contains new information. As such, they have dubbed this record-breaking leak “the mother of all breaches,” or MOAB for short.

The source of the leak is a mystery, but Cybernews posits that the owner “has a vested interest in storing large amounts of data and, therefore, could be a malicious actor, data broker, or some service that works with large amounts of data.”

Here’s what the research team behind the discovery said about the breach:

The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts.

At least 20 brands had more than 100 million records leaked as part of the MOAB. Cybernews put together a chart to highlight the brands that were hit the hardest:

Records leaked in the mother of all breaches.
Records leaked in the mother of all breaches. Image source: Cybernews

“If users use the same passwords for their Netflix account as they do for their Gmail account, attackers can use this to pivot towards other, more sensitive accounts,” the researchers added. “Apart from that, users whose data has been included in supermassive MOAB may become victims of spear-phishing attacks or receive high levels of spam emails.”

Jacob Siegal
Jacob Siegal Associate Editor

Jacob Siegal is Associate Editor at BGR, having joined the news team in 2013. He has over a decade of professional writing and editing experience, and helps to lead our technology and entertainment product launch and movie release coverage.