There were about 16 billion passwords to Apple, Facebook, Google, and other social media accounts, as well as government services, that were leaked in what researchers are calling the largest data breach ever, according to reports.
The leak exposed 16 billion login credentials and passwords, prompting both Google to tell billions of users to change their passwords and the FBI to warn Americans against opening suspicious links in SMS messages, according to a report published a few days ago in Forbes.
Researchers at Cybernews, who have been investigating the leak, found "30 exposed datasets containing from tens of millions to over 3.5 billion records each."
All but one of these datasets have not been previously reported as being exposed, so the data impacted is all considered new.
"This is not just a leak – it’s a blueprint for mass exploitation," the researchers said. And they are right. These credentials are ground zero for phishing attacks and account takeover. "These aren’t just old breaches being recycled," they warned, "this is fresh, weaponizable intelligence at scale."
Most of that intelligence was in the format of a URL, followed by logins and passwords. That information then allowed access to "pretty much any online service imaginable, from Apple, Facebook, and Google, to GitHub, Telegram, and various government services."
While worrisome, the researchers found that the datasets were exposed very briefly – with enough time for them to be discovered, but not long enough for researchers to figure out who was controlling the data.
No comments:
Post a Comment