'The credential data leak is dangerous simply because of its enormous size': Experts warn "colossal" breach exposes 24 billion records including personal info
Date: Wed, 17 Jun 2026 11:06:40 +0000
Someone has been hoarding data leaks from across the web and putting them in a single Elasticsearch instance
A colossal database containing 24 billion records, including usernames, passwords, and login URLs, all stored in plaintext, was found sitting on the internet, available to anyone who knew where to look.
The Elasticsearch database was discovered earlier this month by security researchers from Cybernews, who believe it is a compilation of different logs generated by various infostealers. The credential data leak is dangerous simply because of its enormous size, Cybernews said. Since the data leaked online, billions of affected accounts are at serious risk of takeovers, especially if they are not protected with multi-factor authentication.
Identity unknown
The archive was locked down soon after being discovered, barring the Cybernews team from doing any deeper analysis, although they did manage to determine that the information came from 36 different sources, varying from Telegram channels to combined data collections of previous data breaches and datasets exported directly from live target servers.
The archive was more than eight terabytes in size, making it among the biggest archives ever discovered. Unfortunately, it is impossible to determine how many of the entries are duplicates, although it's safe to assume that at least some of them are.
Cybernews also wasn't able to determine the age of the findings but stressed that, based on the February 2026 news article contained in the data leak, it could conclude that the cluster was being regularly updated.
The identity of the database's owner remains a mystery. Most of the Telegram sources listed inside were in English, but some were also in Russian. Furthermore, around 260 million records came from Telegram channels with the word Darkside in them, referencing a now-defunct ransomware group that was responsible for the catastrophic attack on Colonial Pipeline a few years ago.
Whoever it is, they seem to be actively monitoring the cybersecurity
landscape and updating the collection frequently.
Link to news story:
https://www.techradar.com/pro/security/the-credential-data-leak-is-dangerous-simply-because-of-its-enormous-size-experts-warn-colossal-breach-exposes-24-billion-records-including-personal-info
--- SBBSecho 3.28-Linux
* Origin: Capitol City Online (1:2320/107)