'Mother of all breaches' hits 26 billion records

Data included from social media and other sources

Twelve terabytes is equivalent to more than 15,000 filing cabinets of data

Image:
Twelve terabytes is equivalent to more than 15,000 filing cabinets of data

A massive data breach containing records from LinkedIn, Weibo, Twitter and other platforms has been called the largest leak ever discovered.

Researchers from Security Discovery and CyberNews have found a supermassive dataset around 12TB in size, containing tens of billions of records from "thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases."

The records were found in an open storage instance probably owned by a malicious entity - but the owner is unknown and unlikely to ever be identified. The researchers say it could be "a malicious actor, data broker, or some service that works with large amounts of data."

The storage instance contains 26 billion records across 3,800 folders - each pertaining to a separate data breach. While the information is mostly from past breaches, there is almost certainly new data in a trove of this size.

By far the largest source of data in the breach came from Tencent, with 1.5 billion records. After that was Weibo, with 504 million, and then MySpace (360 million), Twitter (281 million) and Wattpad (271 million), a site where authors can publish their own fiction.

Other companies like Zynga, NetEase, Canva and MyFitnessPal were also included.

Several of the data sources are notable as Chinese firms (Tencent, Weibo, NetEase, Badoo), but as these are companies with gigantic domestic user bases that doesn't necessarily point to a Chinese source.

Firms from as far apart as Turkey, the USA and Brazil were also affected.

Because many people re-use usernames and passwords on multiple sites, the researchers have warned of a surge in credential-stuffing attacks as part of the fallout of the breach.

"Apart from that, users whose data has been included in supermassive MOAB may become victims of spear-phishing attacks or receive high levels of spam emails," they warned.

Computing, in case you were wondering, is not on the list of breached sites.

Various websites have put out statements about investigating the claims, including LinkedIn, and a steady stream of comments has been pouring into the Computing inbox - although they can all be summed up as, "Credential stuffing attacks are coming, maybe consider changing your password."