A database of 26 billion leaked records has been discovered, in what has been called the “Mother of all Breaches.” Fortunately, it actually isn’t as bad as it sounds.
The massive 12-terabyte leak was discovered by cybersecurity researcher Bob Dyachenko, working alongside the team at Cybernews. It isn’t clear exactly who is responsible for the database, however it contains both credentials and sensitive data.
This is undoubtedly bad news. It’s never good to have your personal data left exposed online, where anyone can find and utilise it for nefarious purposes. However, the situation is far from as disastrous as it appears.
The leak is in fact a compiled collection of data from thousands of previous breaches, and doesn’t appear to contain any new information. If you’ve kept up to date on your security, you should have little more to fear than you did yesterday. It’s also reasonable to expect that some of the records are duplicated, so there may not necessarily be 26 billion unique records.
Even so, this doesn’t mean you should be complacent. Given the sheer volume of data and the number of leaks it covers, there’s a high chance your data is included, even if it’s from a breach which occurred years ago that you already know about. It’s a good reminder to refresh your security hygiene, and maybe change a few passwords.
Tencent was the most heavily impacted by the leak, with 1.5 billion records in the compilation. It was followed by Chinese social media platform Weibo at 504 million, MySpace at 260 million, Twitter at 281 million, and Wattpad at 271 million. Other brands included LinkedIn, AdultFriendFinder, Adobe, MyFitnessPal, and Canva.
Government organisations weren’t spared either, with the US, Brazil, Germany, Turkey, and the Philippines among those swept up in the compiled database.
You can use tools such as Have I Been Pwned or Cybernews’ data leak checker to find out whether you’ve been the victim of a data breach. And if you haven’t already, consider using a password manager. It may not prevent leaks, but it will make using unique passwords for all your accounts a lot easier.
