Massive Data Leak Exposes Billions of Personal Information
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
In a never-before-seen database leak, security researchers found billions of personal information exposed online. The 12TB of information, containing over 26 billion records of previously exposed breaches was discovered by a team of cybersecurity researchers at Cybernews and Bob Diachenko .
Dubbed as the Mother of all Breaches, the exposed data is available on open instance and can be accessed by any user. It is said to contain data in over 3,800 folders, with each folder signifying a separate breach.
‘’While this doesn’t mean that the difference between the two automatically translates to previously unpublished data, billions of new records point to a very high probability, the MOAB contains never seen before information,’’ the researchers said.
Among the exposed records, the largest number is from Tencent customers (1.5 billion); Weibo, a Chinese messaging app like WhatsApp (504 million), MySpace (360 million); X (formerly Twitter) had 281 million records exposed, along with 251 million from LinkedIn. The list is also said to contain records of various companies and government organizations in Brazil, Germany, the US, among others.
Moreover, it is very likely that this leak does not contain data from any new undiscovered leak, but mainly contains records of past data breaches. Due to the high number of records, it is also likely to contain a sizable number of duplicates.
While the type of personal information contained in these records remains unclear, it is believed to contain ‘’far more information than just credentials – most of the exposed data is sensitive and, therefore, valuable for malicious actors,’’ the researchers believe.
‘’Every single data breach ever reported or sold was carefully collected by an unknown actor and left in a misconfigured instance,” tweeted Diachenko on X.
In light of this incident, it is imperative that users, especially those who reuse usernames and passwords, immediately change their passwords, enable 2-factor authentication, and stay vigilant of phishing emails and messages.
Framework Suffers Data Breach After Phishing Attack on Accounting Partner
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Framework Computer disclosed a data breach where personal information of an unspecified number of customers was accessed by hackers, following a phishing attack on its accounting service provider.
The US-based laptop maker, known for user-upgradable and repairable devices, in an email to affected customers revealed that an accountant at its external vendor, Keating Consulting, fell victim to a social engineering attack.
‘’On January 9th, at 4:27 am PST, the attacker sent an email to the accountant impersonating our CEO asking for Accounts Receivable information pertaining to outstanding balances for Framework purchases,’’ the email read.
On January 11, deceived by the email, the employee shared a spreadsheet containing customer information like, full name, email address, and balance owned, with the hacker. “Note that this list was primarily of a subset of open pre-orders, but some completed past orders with pending accounting syncs were also included in this list.”
Framework went on to say that its Head of Finance was notified of the breach, approximately 29 minutes after the accountant replied to the seemingly legitimate email. Subsequently, Keating Consulting was informed of this incident and an investigation led Framework to identify and notify impacted customers of the data breach via email .
The company further went on to announce certain mitigation measures that would prevent occurrence of similar incidents in the future. In addition to auditing Keating’s ‘’standard operating procedures around information requests,’’ it will also provide mandatory social engineering and phishing attack training to all employees having access to customer information.
Furthermore, it advised and warned customers that their stolen information can be used by hackers for nefarious purposes. For instance, impersonating Framework to commit financial fraud.
It also informed customers that emails from the company are only sent from ‘support@frame.work’ and never any payment information requests are made over emails. ‘’We will only provide an “Action Required” email when an official payment capture fails, which includes a link to the Framework website to update payment information to enable final payment capture,’’ Framework stated.
