An open instance that provides fully searchable access to records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases has been discovered by cyber security researchers.
The open instance was discovered by research teams at Cybernews and SecurityDiscovery.com, and has been dubbed the 'Mother of All Breaches' (MOAB). The supermassive MOAB does not appear to be made up of newly stolen data and is most likely a compilation of multiple breaches.
The Cybernews report states that the team identified over 26 billion records, though duplicates are also highly likely. The leaked data contains more information than just credentials – most of the exposed data is sensitive and, therefore, valuable for malicious actors.
It includes indexed data from breaches of various government organizations in the US, Brazil, Germany, the Philippines, Turkey, and others. Companies whose data has been compromised in the MOAB include Weibo, MySpace, Twitter, Deezer, LinkedIn, AdultFriendFinder, Adobe, Canva, VK, Dailymotion, Dropbox, and Telegram.
"The recent data leak demonstrates that cybersecurity is not just a one-time effort but an ongoing process that requires alertness, collaboration, and innovation," said Tamara Kirchleitner, Senior Intelligence Operations Analyst at Centripetal.
"Even if individual data breaches seem limited in impact or scope, when combined, they can pose a significant risk to users and organisations. Personal data can remain vulnerable for years, highlighting the need for continuous monitoring and updating of security protocols," she added.
As fear mongering around the MOAB continues, it's key to note that because the majority of the data contained in this leak is older, the risk of falling victim to an attack based on these records is lower. However, users are cautioned to keep an eye out for suspicious activity and phishing scams.
While the report states that it is unlikely the dataset's owner will be identified, the researchers believe that the owner has a vested interest in storing large amounts of data and, therefore, could be a malicious actor, data broker, or some other service that works with large amounts of data.