The recently discovered supermassive leak is an extensive collection of data from various past breaches. It includes a staggering 12 terabytes of information, encompassing a mind-blowing 26 billion records.
This leak is believed to be the largest ever found, containing user data from platforms such as LinkedIn, Twitter, Weibo, Tencent, and others.
The MOAB, short for Mother of all Breaches, is an extensive collection of records obtained from numerous compiled and reindexed leaks, breaches, and privately sold databases.
Bob Dyachenko, a renowned cybersecurity researcher and owner of SecurityDiscovery.com, in collaboration with the Cybernews team, made the astounding discovery of billions upon billions of exposed records. These records were found on an open instance, and it is highly unlikely that the owner will ever be identified.
Based on the assessment, the leaked dataset not only consists of information from previous data breaches but also includes new data that has not been previously published.
For instance, Cybernews data leak checker incorporates data from a wide range of major data breaches, comprising over 2,500 incidents and a staggering 15 billion records.
The Cybernews data leak checker allows you to verify if your data has been compromised in previous data breaches. Check to see if your information was exposed in the MOAB (Mother of all Breaches).
Mother of All Breaches Data Leak Details: 26 Billion Records Leaked
The mother of all data breaches (MOAB) encompasses a staggering 26 billion records organized into 3,800 folders, with each folder representing a distinct data breach.
Although this does not guarantee that all the additional records are unpublished data, the presence of billions of new records strongly suggests the inclusion of previously unseen information within the MOAB.
Researchers speculate that the owner of this massive collection likely has a specific motive for storing such extensive data. This individual could potentially be a malicious actor, data broker, or a service provider working with large volumes of data.
“The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,”
The researchers said.
MOAB (Mother of All Breaches) is a Compilation of Multiple Breaches (COMP)
Upon closer examination, it appears that the supermassive MOAB (mother of all breaches) is not exclusively comprised of recently stolen data. Instead, it is believed to be the largest compilation of multiple breaches, known as COMB.
While there are over 26 billion records, it is highly probable that duplicates exist within the dataset. Nevertheless, it is important to note that the leaked data contains a wealth of sensitive information beyond just credentials. This makes it highly valuable to malicious actors who may exploit it for various purposes.
Upon a thorough analysis of the data tree, it is evident that an exceptionally large number of records have been compiled from previous breaches. Notably, the highest number of records, amounting to a staggering 1.4 billion, originates from Tencent QQ, a Chinese instant messaging app.
Additionally, there are reportedly hundreds of millions of records from various platforms, including:
- Telegram (41 million)
- Daily Motion (86 million)
- Dropbox (69 million)
- VK (101 million)
- Canva (143 million)
- Adobe (153 million)
- Linkedin (251 million)
- Deezer (258 million)
- Twitter (281 million)
- MySpace (360 million)
- AdultFriendFinder (220 million)
- Weibo (504 million)
- Tencent QQ (1.4 billion)
The leak also comprises records from numerous government organizations in countries such as the US, Brazil, Germany, Philippines, Turkey, and others.
The Impact of MOAB with 26B Records Data Leak Can Be Unprecedented
The potential impact on consumers resulting from the supermassive MOAB with 26B Records Data Leak could be unparalleled. As many individuals tend to reuse usernames and passwords across different accounts, malicious actors could exploit this by launching a significant wave of credential-stuffing attacks.
“If users use the same passwords for their Netflix account as they do for their Gmail account, attackers can use this to pivot towards other, more sensitive accounts. Apart from that, users whose data has been included in supermassive MOAB may become victims of spear-phishing attacks or receive high levels of spam emails,”
The researchers said.
The scale of the current leak is unprecedented and surpasses anything seen before. As a point of comparison, in 2021, Cybernews reported a COMB that consisted of 3.2 billion records. This is merely 12% of the vast magnitude of the supermassive MOAB discovered in 2024. The contrast underscores the immense size and significance of the current breach.
Security Precautions Against Data Leaks and Breaches
It is highly recommended for everyone to prioritize their online security by adopting certain practices.
These include creating strong and difficult-to-guess passwords, implementing multi-factor authentication for all crucial accounts, remaining vigilant against phishing and spear phishing attempts, regularly checking for password duplicates, and promptly strengthening the security of any accounts that share the same passwords.
By taking these precautions, individuals can significantly enhance their protection against potential cyber threats.
