A massive data breach dubbed the “Mother of All Breaches” has exposed over 26 billion user records from major sites including Twitter, LinkedIn, and Dropbox. The exposed data includes email addresses, phone numbers, IP addresses, and more sensitive information on billions of users.
Over 26 Billion Records Exposed
According to cybersecurity researcher Bob Diachenko who discovered the breach, the leaked data originates from several different sources. However, the main source of the breach appears to be a vulnerable Elasticsearch server which contained over 4 terabytes of data.
This server was left unsecured and accessible to anyone without a password. Diachenko suspects hackers may have scraped and compiled data from this server over a long period of time. In total, the entire data leak contains 26,035,438,046 records – making it the largest ever known data breach.
Diachenko reported the breach to internet service providers who secured the servers on January 14. However, the data had already been distributed onto hacker forums at that point.
Major Sites Impacted
While the origin of the data is still being investigated, records from several major sites were found in the leaked data according to Diachenko and cybersecurity experts who have analyzed the breach:
- Twitter: Email addresses and phone numbers of over 400 million Twitter users were exposed. This represents nearly half of all Twitter accounts according to Twitter’s latest user statistics.
- LinkedIn: Email addresses, phone numbers, and some physical addresses from over 500 million LinkedIn users were found – over 50% of LinkedIn members. Though LinkedIn encrypts passwords, the email addresses could enable potential future hacking attempts.
- Dropbox: 61 million records containing Dropbox user ids, emails, names, and some passwords were exposed. Though Dropbox has over 700 million registered users, this subset likely represents active Dropbox users.
- Other Sites: Smaller leaked datasets were found relating to Twitch, PayPal, YouTube, and TikTok users. However the main sites impacted remain Twitter, LinkedIn, and Dropbox.
Exact Sources Still Being Investigated
While major leaks related to Twitter, LinkedIn, and Dropbox users were uncovered, cybersecurity experts say the exact sources exposed in the bigger 26 billion record mega breach remain unconfirmed.
The leaked records could originate from:
- Hacks of the actual sites like Twitter, LinkedIn, and Dropbox
- Public web scraping of site data
- Breaches of third party companies that store user data
- Compiled data purchased from cybercriminal groups
Twitter, LinkedIn, and Dropbox have not yet commented on this specific breach. So it’s still unknown if the hacked data came from the three tech giants directly or another upstream source.
Cybersecurity researcher Jerome Dang told Forbes:
“The exact origins of the breached data remain unknown…that said, the information we’ve uncovered so far suggests it being an aggregation of old breaches, web scrapes, and data leaks collected into one single database.”
Tracing back all 26 billion records will be challenging and require cooperation across different cybersecurity researchers and tech companies.
Steps Users Can Take to Protect Their Data
While the full impact of this record breaking “Mother of All Breaches” remains to be seen, there are steps users can take to help minimize future cyber hacking risks:
Use Unique Passwords: If you reused the same password across multiple sites, consider changing all passwords to unique ones. Avoid using breached emails and passwords combos on any other accounts.
|Steps to Take
|No passwords leaked but change password as precaution
|No passwords leaked but change password as precaution
|Some hashed passwords seen so change password
Enable Two-Factor Authentication: Sites like Twitter, LinkedIn, and Dropbox all offer options to add an extra step to logins such as requiring a code from your phone. This prevents hackers from accessing accounts even if they have your username and password.
Monitor Accounts for Suspicious Activity: Carefully review accounts and security notifications for any unauthorized access attempts. Report any suspicious logins or activity you don’t recognize.
Avoid Password Re-Use in the Future: Experts recommend using a password manager to enable using an unique, randomized password for every site and account you use going forward. This prevents a breach on any one site from impacting your security across other accounts.
Long Term Impacts Still Unfolding
While assessing the full impact of this breach will take time, previous “mega breaches” can provide some indication of what to expect in the coming months:
Increased Phishing/Spam: Experts warn users may notice an uptick in phishing emails, text messages, and phone calls as hackers leverage the leaked data and try gaining access to current accounts. Links should be carefully validated before visiting sites or providing any personal information.
New Breaches Enabled: Combining leaked emails and passwords from this breach with information from older breaches may allow gaining access to accounts not directly impacted. Some users may find additional accounts compromised over time as a result.
Account Takeovers Attempted: Particularly for sites like Dropbox where some hashed passwords were exposed, hackers will target gaining access to both corporate and personal accounts which can enable further cybercrime.
The scale of this 26 billion record “Mother of All Breaches” likely means fallout may continue impacting individuals and businesses for years to come. Staying vigilant around account security and monitoring unusual activity remains essential.
Continuing Coverage on The Latest News:
As more details around the sources and impacts of this record setting breach continue unfolding, follow these links to our latest breaking coverage:
- How to Check If Your Data Was Leaked and Steps to Protect Yourself
- Drawing Connections Between the Major Sites Breached in the Leak
- Assessing the Short and Long Term Fallout of the 26 Billion Record Mega Breach
We will analyze statements from all impacted companies as they comment on this unfolding situation. Plus bring you the latest security tips from cyber experts on steps individual users and enterprises should take in response to this threat.
To err is human, but AI does it too. Whilst factual data is used in the production of these articles, the content is written entirely by AI. Double check any facts you intend to rely on with another source.