Cybersecurity researchers have issued a warning following the discovery of a data breach, comprising over 26 billion records, including user data from digital platforms such as LinkedIn, X (formerly Twitter), Snapchat, Weibo, Tencent, and several others.
This data leak, containing 12 terabytes (TB) of information, has been described by researchers as the largest breach to date.
Security Discovery and Cybernews researchers were behind the detection of this massive data leak, revealing that while a substantial portion of the data originates from previous breaches, it likely contains previously undisclosed new material.
The dataset encompasses more than login credentials, with a significant amount of sensitive information making it a valuable asset for malicious actors. The data comprises 3,800 files, each representing a different data breach, resulting in a total of 26 billion records.
“The dataset is dangerous as threat actors could leverage the aggregated data for a range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,” cautioned the researchers.
Noteworthy among the affected platforms is Tencent QQ, a Chinese instant messaging app, with a staggering 1.4 billion records. Other platforms include Weibo (504 million), MySpace (360 million), Twitter (281 million), Deezer (258 million), LinkedIn (251 million), AdultFriendFinder (220 million), Adobe (153 million), Canva (143 million), VK (101 million), Daily Motion (86 million), Dropbox (69 million), Telegram (41 million), and many others.
In response to the alarming discovery, LinkedIn issued a statement stating, “We are working to fully investigate these claims, and we have seen no evidence that LinkedIn’s systems were breached.”
The far-reaching implications of the database extend to records from various government organizations in the US, Brazil, Germany, the Philippines, Turkey, and other countries. The researchers emphasized the potential consequences for users, warning that those using identical passwords across multiple accounts may be vulnerable to spear-phishing attacks and a surge in spam emails.
