The Mother of All Breaches: Exposed Database Contains 26 Billion Records

Cybersecurity researcher Bob Diachenko of Security Discovery and the team at CyberNews have uncovered what is thought to be the largest-ever collection of stolen data, consisting of more than 26 billion records. The database they identified on an open storage instance contains an astonishing 12 TB of data, and while there are likely to be duplicates in the database it is still thought to be the biggest collection of stolen data ever identified.

The database includes credentials but also other types of sensitive data that would be invaluable to cybercriminals. It is unclear who has compiled the database and likely that that individual will never be identified. The researchers suggest it could be a data broker or another service that works with large amounts of data but is most likely a malicious actor. Such is the scale of the data leak that the researchers have named it the mother of all breaches, or MOAB for short.

An analysis of the data shows the database contains data from thousands of historic breaches and data leaks. They believe the database to be the largest compilation of breaches (COMB) ever discovered. The largest collection of records in the database came from a leak at the Chinese instant messaging app Tencent QQ, and includes 1.4 billion records from that breach, along with many other breaches, 20 of which have more than 100 million records each, including Weibo (504M), MySpace (360M), Twitter (281M), Deezer (258M), Linkedin (251M), AdultFriendFinder (220M), Adobe (153M), Canva (143M), and VK (101M).

“The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,” explained the researchers. Since many people reuse passwords on multiple accounts, the database could be used for a massive credential-stuffing campaign allowing huge numbers of accounts to be compromised. The researchers expect there to be a big rise in credential stuffing attacks in the coming weeks as a result of this data leak.

The discovery highlights just how important it is to set a unique password for each account and to use a password manager to store passwords securely. Password managers also have a secure password generator to allow users to create unique and complex passwords capable of resisting brute force cracking attempts. If you, like most people, are guilty of reusing passwords, now is the time to conduct a password audit and ensure unique passwords are set for each account and 2-factor authentication is set up for each account. 2-factor authentication may make logging in to accounts more annoying, but nowhere near as annoying and costly as an account compromise.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of