- The researchers found 30 databases housing 16 billion online records
- The files have probably been generated by infostelars
- The recordings come from a wide range of suppliers, from Apple to Google and many others
Security researchers have reported that they have discovered what could be the mother of all data violations – a set of 30 databases containing a total of 16 billion files.
These recordings were probably generated by various cybercriminals (and perhaps hackers or researchers in white hat) using different infostences malware, a new report Cyberness complaints.
The researchers note that the databases differ in size – from those “smaller” containing only millions of admissions, to billions of gigantic files, with Google accounts, Apple to various VPN, Github, Telegram, and more – and more – and 30 sets of discovered data, only one had been reported previously by the media, a “mysterious” data with 184 million Records.
Scrape the surface
“He barely scratched the top 20 of what the team has discovered”, ” Cyberness explain. “More worrying, the researchers say that new sets of massive data are emerging every few weeks, signaling how much the malicious software for the widespread infosteller are really.”
The databases were not briefly available on the wider internet and were quickly locked – however, it was not possible to determine who the owners are.
It is likely that a lot of information overlapping, which almost makes it impossible to determine exactly the number of people affected. It is also important to note that some 5.5 billion people have internet access today, which means that many people have several compromised accounts.
Unprotected databases continue to be the most common cause of data leaks. For years, security researchers warn that many organizations do not include the shared liability model for cloud services and that they are required to protect and secure the data they generate.
On the other hand, cybercriminals spend a day on the ground with these archives. They often contain more than enough sensitive information to launch highly personalized and successful phishing campaigns, leading to identity theft, wire fraud and even ransomware attacks.
