An extensive database consisting of a staggering 26 billion meticulously curated and reindexed data records has recently appeared on an unprotected online platform. This dataset, referred to by experts as the “Mother of all Breaches” (MOAB), encompasses an astonishing 12 terabytes of personal information sourced from various websites, including several big industry names:

• X (281 million)
• Tencent QQ (1.5 billion)
• Adobe (153 million)

The repository of sensitive data encompasses usernames and passwords from tools like Canva to government records from the United States, Brazil, Turkey, Germany, and more.

The discovery of the data trove is down to the diligent efforts of Bob Dyachenko, a cybersecurity researcher and the proprietor of SecurityDiscovery.com, along with the collaborative work of the Cybernews team, who have been investigating its origins.

The research community believes that the owner has a vested interest in storing large amounts of data and could be a malicious actor, data broker, or other large-scale service with the capability to mine massive volumes of data.

The sheer magnitude of the records alone is cause for profound concern. The MOAB is probably the largest “compilation of multiple breaches” (COMB). Enough to arm malicious entities with abundant ammunition to carry out “identity theft, sophisticated phishing schemes, and targeted cyberattacks,” according to Dyachenko.

A faint silver lining of the breach is the confirmation that a significant portion of the records are outdated. Primarily, the MOAB is an amalgamation of prior breaches and leaks, albeit with numerous duplications.

Also Read: The Largest Data Breaches In The Middle East

With that being said, experts also warn that many people use the same passwords across services like Netflix and Gmail, allowing attackers to use the information from MOAB to breach more sensitive accounts.

The full extent and implications of the “Mother Of All Breaches” remain undetermined. The immediate priority lies in uncovering the source and motivation behind this colossal data repository. In the interim, it’s vital to ensure you haven’t used the same password across multiple services or, at the very least, to periodically change those in use.