This … can’t be good.
Cybernews researchers are reporting another massive data exposure, and this one involves 24 billion records. According to Cybernews, the exposed Elasticsearch cluster contained more than 8.3TB of data, including usernames, email addresses, plaintext passwords and login URLs.
The article is titled "24 billion records, including usernames and passwords, exposed in colossal data leak: What does that mean for you?"
What makes this one nasty is that Cybernews says most of the data appears to come from infostealer logs. That means malware infected machines, stole saved credentials and related login information, and someone later collected it all into a massive searchable pile.
What was exposed?
- Usernames
- Email addresses
- Plaintext passwords
- Login URLs
- Data from Telegram channels, breach compilations and other collections
Cybernews says the researchers cannot yet confirm how many records are duplicates or how many unique people are affected. That matters, because 24 billion records does not mean 24 billion people. It can include duplicates, old credentials, repeated accounts and recycled breach data.
But that does not make this harmless.
If even a small percentage of those credentials still work, criminals can use them for credential stuffing, account takeover, phishing, extortion, business email compromise and fraud. The real danger is password reuse. If someone reused the same password on email, banking, cloud storage, social media or work accounts, one leaked password can become a key to multiple doors.
What should people do?
- Change reused passwords immediately, especially for email, banking, cloud storage and social media.
- Use a password manager and make every password unique.
- Turn on multi-factor authentication wherever possible.
- Be careful with messages claiming to help you check whether you were exposed.
- Keep systems patched and watch for infostealer infections, especially on personal machines used for work.
If you’re concerned that your accounts may have been exposed in past breaches, services such as Have I Been Pwned and Exposed or Not can help determine whether your email address has appeared in known breach datasets. While they may not immediately reflect data from newly discovered exposures such as this one, they remain useful tools for monitoring your online exposure.
If this sounds familiar, Cybernews reported on a similar issue involving 16 billion credentials last year. You can read my coverage in "16 Billion Credentials Leaked? Not Part Of Any New Breach, Part Of Infostealer Data Possibly?"
This is another reminder that password reuse is still one of the biggest problems in security. The exposed server may now be closed, but copied credential data does not simply disappear. Once these collections circulate, they can keep causing damage for years.
Cybernews research is at it again, and once again, the message is simple: if you reuse passwords, stop.