A database with details of 26 billion online accounts is circulating on the Internet. A data breach of this magnitude has never been discovered before. Some Belgian websites also appear.
Cybernews, which helped discover the database, calls it the “mother of all data leaks.” The database contains data from 26 billion accounts, three times the entire world population. This requires no less than 12 TB. It is unclear who is behind the database and what their motivations may be, although Cybernews believes there is a good chance the database was not leaked with good intentions.
To be clear, this does not affect newly leaked data. The database is a collection of data from previous data breaches. Therefore, there is a good chance that certain accounts will return to the database multiple times. According to Cybernews, this is “sensitive data” that goes beyond login details. If the data falls into the wrong hands, it can have damaging consequences for the people involved.
Belgian websites
China’s Tencent appears to be the most generous sponsor: the database contains 1.5 billion accounts of the messaging app. Number two also comes from China, namely the YouTube alternative Weibo with 500 million accounts. Other well-known names in the social media landscape include MySpace (360 million), X (281 million) and LinkedIn (251 million).
There are also a few websites that appear in the database. Its most striking name is Ghent University. Cybernews has launched a tool to help you look up which websites appear in the database (don’t worry: ITdaily is not one of them). If you want to know if your accounts are at risk, there is also a tool on the website.
Massive data breaches are not uncommon, but this is by far the largest ever discovered. The leak we reported on last week involving 70 million passwords seems small in comparison, but in this case it involved millions of passwords that have never been leaked before. If third parties have access to your login details, it is better to be on the safe side and change the password as soon as possible. Always enable multi-factor authentication if the website offers it.