Who doesn't have Twitter, LinkedIn, Adobe, Dropbox and many more accounts? This leak is already nicknamed MOAB (military jargon). the mother of all bombs) to apply it to the area of IT security: the mother of all offenses or the mother of all offenses.
What computer science researchers have discovered is quite disturbing.
They announced the discovery of a database containing up to 26 billion leaked records. This massive data leak is probably the biggest discovery yet.
12 terabytes of data
According to researchers at Security Discovery and CyberNews, the newly discovered database reaches 12 terabytes (12 TB) in size, earning it the title MOAB.
They estimate that the database of 26 billion records found on unprotected storage media was likely compiled by a malicious actor or data broker. “Hackers could use aggregated data for a variety of attacks, including identity theft, sophisticated phishing attacks, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,” according to the Forbes website.
AFP
Tencent, Weibo, Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram
In addition to data from Chinese giants Tencent and Weibo, the information found also includes user records from platforms and services such as Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram. Worryingly, researchers also say records from a number of US and other government organizations can be found.
To somewhat mitigate the significance of the leak, the researchers believe that the stolen records were compiled from thousands of previous data breaches and leaks.
This is the only downside to the matter, as the inclusion of usernames and password combinations remains a concern.
What you should do
If cybercriminals have so much data, it is not for nothing, as they will use it on a large scale and very soon for credential stuffing attacks – a cyberattack that consists of fraudulently accessing a user's account after automated login attempts from an access list a web application to access data typically stolen from another web application (GDT).
Hackers know that a large number of users use the same usernames and passwords across multiple web applications and intend to exploit this.
Therefore, replace your passwords and, where possible, increase the security of your accounts with two-factor authentication.
Companies need to do more to increase the security of their servers.