Somehow, one of the largest data breaches in recent memory has already been trumped. This week, the Cybernews research team and SecurityDiscovery.com owner Bob Dyachenko worked together to uncover a data breach containing 12 terabytes of information spread across 26 billion records. They claim the leak is possibly the biggest ever discovered, with user data from popular sites such as Tencent, Weibo, MySpace, Twitter, and LinkedIn.
As with most leaked datasets anywhere near this large, much of the data has appeared before in previous breaches. That said, Cybernews notes that its data leak checker relies on data from the biggest breaches, and it “only” contains 15 billion records.
Even if there aren’t 11 billion never-before-seen records within the leak, the researchers suggest that there is a high likelihood it contains new information. As such, they have dubbed this record-breaking leak “the mother of all breaches,” or MOAB for short.
The source of the leak is a mystery, but Cybernews posits that the owner “has a vested interest in storing large amounts of data and, therefore, could be a malicious actor, data broker, or some service that works with large amounts of data.”
Here’s what the research team behind the discovery said about the breach:
The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts.
At least 20 brands had more than 100 million records leaked as part of the MOAB. Cybernews put together a chart to highlight the brands that were hit the hardest:
“If users use the same passwords for their Netflix account as they do for their Gmail account, attackers can use this to pivot towards other, more sensitive accounts,” the researchers added. “Apart from that, users whose data has been included in supermassive MOAB may become victims of spear-phishing attacks or receive high levels of spam emails.”