A startling discovery in the world of information security has brought to light the "Mother of All Breaches": a massive collection of stolen sensitive data, gathering information from well-known platforms such as LinkedIn, X (formerly Twitter), Adobe and others. This vast trove of data, spanning some 12 terabytes, was uncovered through the joint work of security researcher Bob Dyachenko and the Cybernews team.
This breach is remarkable not only for its size, but also for the nature of the data it contains. While much of it consists of information from past breaches, its potential for harm remains high. The data includes billions of records from Chinese messaging apps such as Tencent and Weibo, alongside millions from Western platforms such as MySpace, X and Telegram. The real danger lies in the fact that, given the sheer size of the collection, the presence of more recent, and therefore particularly sensitive, data cannot be ruled out.
The danger to users should not be underestimated. Cybernews warns that cybercriminals could exploit this data to orchestrate attacks of various kinds, from classic identity theft to sophisticated phishing scams, not to mention brute-force attack techniques. Anyone whose data is included in this breach should clearly take precautionary measures, such as changing passwords and enabling two-factor authentication.
At the moment, the origin of this massive collection of stolen data remains a mystery. Investigations are ongoing, but as industry experts point out, identifying those responsible for a theft of this scale won't be an easy task. In the meantime, Cybernews has made two interactive databases available to check whether specific email addresses or companies appear within the MOAB.
Industry experts, such as Hanah Darley of Darktrace, suggest that behind the "Mother of All Breaches" may be a so-called "initial access broker". This figure operates in the cybercrime black market, selling access to compromised systems. The heterogeneous composition of the MOAB suggests that much of this data may already have been exploited or targeted, making its risk assessment even more complex.