Yesterday, the security team at Cybernews announced what will likely prove to be the largest data breach of all time. In a joint effort with security researcher Bob Dyachenko, the Cybernews team found an open instance on the web containing billions of exposed records. This breach, amounting to an incredible 12 terabytes of information and 26 billion records, is being dubbed the Mother of All Breaches—MOAB for short.
From Twitter and LinkedIn to Adobe and Wattpad and many more, leaked data from major online brand names was found in the MOAB instance. Tencent, the Chinese messaging app, had the largest number of exposed records—1.4 billion alone. Records from global governmental organizations were also found.
Greg Day, SVP and global field CISO at Cybereason, commented: “As we head towards 6 years of GDPR, it’s clear that numerous businesses face challenges in promptly detecting increasingly intricate cyber-attacks, with the average response time often extending to hundreds of days.”
As a result, the combined records of all these consumers are now exposed to anyone on the web. And, while a lot of this information likely originated from previous breaches, there is undoubtedly some as-yet-unseen data in the mix too.
The identity of the person, or persons, behind the MOAB is one of the questions that remain. It could be a threat actor or an access broker. In short, it is likely someone with an interest in having easy access to so many billions of records.
Even though the MOAB might contain duplicated data in some cases, that hardly diminishes the impact. The consequences facing consumers following this breach cannot be overstated. For hackers, this treasure trove of data will become an incredibly easy way to source PII (Personally Identifiable Information) on their targets.
According to Paul Bischoff, Consumer Privacy Advocate at Comparitech, “With a single query, a hacker could find out everything about you that’s been leaked online, from old passwords to your hobbies and interests. These databases will only get more complete as time goes on, making it harder for victims to fend off fraud and other crimes.”
And this information could be used maliciously for phishing, credential-stuffing, and personal identity theft.
The implications of this could prove to be immense. Indeed, considering many consumers reuse usernames and passwords across multiple online platforms, the fallout of this MOAB could be even more far-reaching than it already is.
Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, agrees, explaining that, “The potential consumer impact of the MOAB is unprecedented, with the researchers highlighting the risk of a tsunami of credential-stuffing attacks. This threat is particularly potent due to the widespread practice of username and password reuse.”
So, what can be done in response to this? Can anything be done?
According to Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, the lack of data privacy is almost a given at this point. “I think most people in this world now correctly think that at least some portion of their personal information is available on the Internet. It’s a sad fact of life and I wonder how it impacts younger people and society overall to grow up in a world where our private information is no longer private.”
But that doesn’t mean it’s hopeless.
Chris Hauk, Consumer Privacy Champion at Pixel Privacy, suggests some key ways that users can protect themselves. “I have long urged all internet users to act as if their personal data is available somewhere on the web. This means users should double check their login information for every site… Users should also stay alert for phishing emails, text messages, and phone calls from parties using the data in the database.”
It’s also important that concerned individuals check whether their personal information is involved in the breach. This can be done with the handy personal data check tool on the Cybernews site. By inputting an email or phone number, consumers may find out if any of their related PII is exposed online.
Tamara Kirchleitner, Senior Intelligence Operations Analyst at Centripetal, adds that it isn’t just individuals that need to be on guard, but organisations too. “It’s crucial for organizations to prioritize data protection and invest in comprehensive cybersecurity strategies. This includes awareness training, secure password managers, security audits, robust encryption, and incident response plans.”
Tom Gaffney, a Cybersecurity expert at F-Secure: “A case like this emphasises the need for individuals to be proactive in safeguarding their data and understanding how to reduce their risk. Research that we recently conducted found that almost a third of Brits (29%) don’t know what action they can take to mitigate the risks of their data being compromised.”
The outlook following the Mother of All Breaches is, admittedly, dire. But only time will tell how it all unfolds. In the meantime, if at-risk consumers and organizations take the appropriate steps today, there may be a chance for us all, collectively, to come out unscathed.
Darren Guccione, CEO and Co-Founder at Keeper Security: “This massive leak underscores the persistent and escalating cyber challenges organisations face in safeguarding sensitive data. The sheer magnitude of the leak is staggering, spanning 12 terabytes and 26 billion records. This breach should serve as a wakeup call for organisations to reevaluate their cybersecurity strategies, emphasising proactive measures over reactive responses. As cyber threats continue to evolve, the importance of robust threat intelligence, continuous monitoring and rapid incident response cannot be overstated.
“Organisations should implement a zero-trust security architecture and a policy of least-access to help prevent unauthorised privilege escalation and ensure that user access roles are strongly enforced. Companies should also have security event monitoring in place to detect and analyse privilege escalations so that anomalous behaviour can be detected and blocked.”