Introduction:

The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered.

There are data leaks, and then there’s this. A supermassive Mother of all Breaches (MOAB for short) includes records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases. The full and searchable list is included at the end of this article.

 

The Magnitude of the MOAB:

The MOAB contains 26 billion records over 3,800 folders, with each folder corresponding to a separate data breach. While this doesn’t mean that the difference between the two automatically translates to previously unpublished data, billions of new records point to a very high probability that the MOAB contains never-before-seen information.

Researchers believe that the owner of the MOAB has a vested interest in storing large amounts of data and, therefore, could be a malicious actor, data broker, or some service that works with large amounts of data.

The supermassive MOAB does not appear to be made up of newly stolen data only and is most likely the largest compilation of multiple breaches (COMB).

While the team identified over 26 billion records, duplicates are also highly likely. However, the leaked data contains far more information than just credentials – most of the exposed data is sensitive and, therefore, valuable for malicious actors.

A quick run through the data tree reveals an astoundingly large number of records compiled from previous breaches. The largest number of records, 1.4 billion, comes from Tencent QQ, a Chinese instant messaging app.

However, there are supposedly hundreds of millions of records from Weibo (504M), MySpace (360M), Twitter (281M), Deezer (258M), Linkedin (251M), AdultFriendFinder (220M), Adobe (153M), Canva (143M), VK (101M), Daily Motion (86M), Dropbox (69M), Telegram (41M), and many other companies and organisations.

 

Global impact and cybersecurity measures:

The leak also includes records of various government organisations in the US, Brazil, Germany, the Philippines, Turkey, and other countries.

According to the team, the consumer impact of the supermassive MOAB could be unprecedented. Since many people reuse usernames and passwords, malicious actors could embark on a tsunami of credential-stuffing attacks.

The leak’s scale is of yet unseen proportions. For example, in 2021, Cybernews reported a COMB that contained 3.2 billion records – only 12% of the supermassive MOAB of 2024.

Everyone should use strong, hard-to-guess passwords, enable multi-factor authentication on all important accounts, keep an eye out for phishing and spear phishing attempts, check for password duplicates, and immediately set up new protection for accounts that share the same passwords.

 

How Logixal can help your business.  

Our cybersecurity experts are on a mission to fortify your business against cyber threats. et our skilled defenders create an impenetrable shield around your data! 🌐🔒

Ready to secure your future? Connect with our experts today at – [email protected]