Massive leak exposes 26 billion records in mother of all breaches

What just happened? Researchers have discovered a database composed of stolen user credentials and personally identifiable information (PII) so large that it's been dubbed the mother of all breaches (MOAB). The dataset contains no fewer than 26 billion records, making up 12TB of data from sites including Twitter/X, LinkedIn, Weibo, Tencent, and more.

Cybersecurity researcher Bob Diachenko, who has uncovered many big data leaks over the years, and the CyberNews team discovered the exposed records.

As is the case with similar databases, most of the data in MOAB has been gathered together from previous leaks over the years. But the sheer number of records it contains suggests there will be new information that has never before appeared online.

The database, containing 26 billion records across 3,800 folders, each corresponding to a separate data breach, is likely the largest-ever compilation of multiple breaches.

The largest number of records, 1.5 billion, come from Tencent, followed by Weibo (504 million), MySpace (360 million), and Twitter/X (281 million). The inclusion of social media pioneer MySpace highlights how old some of these records are, but then plenty of people keep reusing the same email and password combo, enabling hackers to use credential stuffing attacks. There are also 86 million records from Dailymotion, 69 million from Dropbox, and 41 million from Telegram.

"Threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts," the researchers write.

The database also contains records from various government organizations, including those from the US, which is a concern.

While MOAB is thought to be the biggest of its kind ever discovered, there are always duplicate records in these datasets, and it's worth reiterating that the vast majority of the records come from older leaks. Nevertheless, don't be surprised if instances of attempted and successful account hacks increase over the next few weeks.

News of the database comes just a week after Troy Hunt, operator of Have I Been Pwned, uncovered a data dump containing 71 million unique credentials and 25 million never-before-seen passwords. It's possible that some of these records also appear in MOAB.