A massive data leak that includes information from several past breaches with a staggering 12 terabytes of data, covering at least 26 billion records, is available on the dark web. This breach involved user data from platforms such as LinkedIn, Twitter, Weibo, Tencent, and others, making it the largest data leak ever identified. Continue reading this Cybersecurity Threat Advisory for actions to take to secure user accounts from possible cyberattacks.

What is the threat?

This threat incorporates records from thousands of carefully compiled and reindexed leaks, breaches, and privately traded databases. The recently identified database of leaked data is a substantial 12 terabytes in size, earning it the title “MOAB” or Mother of All Breaches.

Why is it noteworthy?

The MOAB doesn’t seem to consist solely of newly stolen data; it’s likely the largest compilation of multiple breaches (COMB). Although the team identified over 26 billion records, duplicates are highly probable. However, the leaked data goes beyond just credentials; a considerable portion contains sensitive information, making it valuable for malicious actors.

What is the exposure or risk?

Malicious actors could exploit the consolidated data for various types of attacks, such as identity theft, sophisticated phishing schemes, targeted cyberattacks, and gaining unauthorized access to personal and sensitive accounts. This situation involves compiled records from numerous past breaches and data leaks. Notably, the leaked information encompasses records from various government organizations in the US, Brazil, Germany, Philippines, Turkey, and other countries. An increase in credential stuffing attacks is anticipated in the coming weeks as a consequence of this breach.

What are the recommendations?

Barracuda recommends taking the following measures to help secure your organization’s user accounts from this MOAB:

• It is highly advised for users to remain vigilant and prioritize their cybersecurity practices. Ensuring good credential hygiene, and enabling two-factor authentication where possible, is essential for maintaining security. If you haven’t done so yet now is an excellent time to start implementing these measures.
• Ensure that everyone employs robust and difficult-to-predict passwords.
• Add an extra layer of security by enabling multi-factor authentication on all crucial accounts.
• Stay alert to potential phishing and spear phishing attempts, and exercise caution when interacting with emails and messages.
• Regularly review and eliminate password duplicates to enhance security.
• Immediately implement new protective measures for accounts that share the same passwords to strengthen their security