Security researchers have warned that a database containing no less than 26 billion leaked data records has been discovered. The supermassive data leak, or mother of all breaches as the researchers refer to it, is likely the biggest found to date.
Here’s What You Need To Know
According to researchers from Security Discovery and CyberNews, the newly discovered database of leaked data runs to 12 terabytes in size and deserves the MOAB title.
The research team thinks that the 26 billion record database, found on an open storage instance, will likely have been compiled by a malicious actor or data broker. “Threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,” they say.
As well as data from Chinese messaging giant Tencent and social media outfit Weibo, records from users of platforms and services such as Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram is also to be found in this database. Worryingly, the researchers also say that records from an assortment of U.S. and other government organizations can be found.
If there is good news to be found in such a discovery, it is that little of this appears to be new data. Instead, the researchers say, it’s more a case of compiled records from thousands of previous breaches and data leaks. What’s more, there are undoubtedly a large number of duplicate data records within this compilation. The inclusion of usernames and password combinations does, however, still mean this is a cause for concern. I’d expect a surge, if current levels aren’t high enough, in credential stuffing attacks over the coming weeks as a result.
Here’s What You Need To Do
“We should never underestimate what cybercriminals can achieve with such limited information,” Jake Moore, global cybersecurity advisor at ESET, says. “Victims need to be aware of the consequences of stolen passwords and make the necessary security updates in response,” Moore continues, “this includes changing their passwords, being alert to phishing emails following the breach, and ensuring all accounts, whether affected or not, are equipped with two-factor authentication.”
Although the data from this latest breach and leak compilation discovery has yet to be entered, you can use this free leak checker tool at CyberNews. This will reveal earlier instances where your email address has been leaked, including some of the services from the MOAB database. You can also use the free Have I Been Pwned service as well.
Above all else, though, don’t panic. If you maintain good credentials hygiene, using strong and unique passwords that are reused elsewhere, as well as two-factor authentication where available, you should be safe. If you don’t, now is a great time to start.
https://news.google.com/rss/articles/CBMid2h0dHBzOi8vd3d3LmZvcmJlcy5jb20vc2l0ZXMvZGF2ZXl3aW5kZXIvMjAyNC8wMS8yMi9tYXNzaXZlLTI2LWJpbGxpb24tcmVjb3JkLWxlYWstZHJvcGJveC1saW5rZWRpbi10d2l0dGVyeC1hbGwtbmFtZWQv0gF7aHR0cHM6Ly93d3cuZm9yYmVzLmNvbS9zaXRlcy9kYXZleXdpbmRlci8yMDI0LzAxLzIyL21hc3NpdmUtMjYtYmlsbGlvbi1yZWNvcmQtbGVhay1kcm9wYm94LWxpbmtlZGluLXR3aXR0ZXJ4LWFsbC1uYW1lZC9hbXAv?oc=5
2024-01-22 19:21:12Z
CBMid2h0dHBzOi8vd3d3LmZvcmJlcy5jb20vc2l0ZXMvZGF2ZXl3aW5kZXIvMjAyNC8wMS8yMi9tYXNzaXZlLTI2LWJpbGxpb24tcmVjb3JkLWxlYWstZHJvcGJveC1saW5rZWRpbi10d2l0dGVyeC1hbGwtbmFtZWQv0gF7aHR0cHM6Ly93d3cuZm9yYmVzLmNvbS9zaXRlcy9kYXZleXdpbmRlci8yMDI0LzAxLzIyL21hc3NpdmUtMjYtYmlsbGlvbi1yZWNvcmQtbGVhay1kcm9wYm94LWxpbmtlZGluLXR3aXR0ZXJ4LWFsbC1uYW1lZC9hbXAv
Tidak ada komentar:
Posting Komentar