26 Billion Records Exposed in "Mother of All Breaches" (MOAB)

Published: February 1, 2024

A colossal data leak, known as the Mother of all Breaches (MOAB), has recently surfaced, containing a staggering 12 terabytes of information across 26 billion records. This breach encompasses data from major platforms including X, LinkedIn, Canva, Adobe, Dropbox, among others, making it one of the largest ever discovered.

Security researcher Bob Dyachenko uncovered this extensive breach, which aggregates records from thousands of previous leaks and breaches. Leak-Lookup identified the owner of the database, citing a “firewall misconfiguration” as the cause, which has since been rectified.

Old & (Potentially) New Data

The MOAB isn’t solely composed of freshly stolen data; it appears to be a compilation of multiple breaches (COMB). While the dataset contains over 26 billion records, duplicates are probable. These records span across 3,800 folders, each corresponding to a separate breach. Though not all folders necessarily contain new information, the sheer volume suggests the inclusion of previously unseen data. The exposed data goes beyond credentials, including sensitive information valuable to malicious actors.

Sites & Services Affected

This breach covers a vast range of services, sites, and organizations. The platforms mentioned previously are not alone. Various businesses and even government organizations in the US and other countries also have records within the leak. For a full list of these sites, please head to the end of this blog to use our custom search field, where you can search for any sites you may have accounts or information stored. This will allow you to make a comprehensive list of all passwords that need to be updated.

The Impact & Our Recommendations

Going forward, the impact on consumers is currently unknown. Due to the unfortunately common practice of password reuse, malicious actors could launch widespread credential-stuffing attacks, potentially leading to spear-phishing attempts and increased spam for affected individuals.

We highly recommend that if you have accounts or information associated with any of the listed sites or services, please make sure to change your passwords IMMEDIATELY. Implementing Multi-Factor Authentication (MFA) on all possible accounts is crucial at this point as well. We also recommend using a password manager to help create and store unique, strong passwords for all of your accounts. Has your business been affected and you’re unsure where to start? Give us a call at 877.426.1337 to set up a free consultation to determine if Accent Consulting can help.

Full List of Sites & Services Affected

Website List
Search the list of impacted websites. Type at least 3 characters to get started.
0 matches found