Does the Mother Of All Breaches Matter?
What is the Mother of All Breaches?
In January of 2024, security researcher Bob Dyachenko discovered a supermassive data leak, consisting of an astounding 12 terabytes of information and containing over 26 billion records.
The leak involved many platforms’ user data from popular applications like Venmo, Adobe, LinkedIn, Twitter, Weibo, Tencent, and more, and included credentials as well as other personally identifiable information. The breach rapidly became front page news under the name Mother of All Breaches—or MOAB for short.
The MOAB includes records from thousands of well-organized and reindexed leaks, breaches, and privately sold databases.
Does the Mother of All Breaches Matter?
Yes and No.
Despite MOAB being a rather impactful headline, whether or not the breach matters is a matter of slight debate, given the vast majority of material was from previous breaches. Known as a “COMB” or compilation of many breaches, the data has likely been available on the dark web for a while. Not many pieces of data were considered newly stolen.
However, every time a breach occurs the collective impact increases. Especially with the amount of password reuse, the (re)selling and redistribution of these details will definitely increase the number of ransomware attacks, spam calls, and phishing emails. Considering some of the other sites involved in the breach—Dropbox and MyFitnessPal were also among those impacted—it’s very likely the affected passwords were being reused across accounts. In turn, this puts a significant number of organizations at risk of Account Takeover.
In essence: consequences will arise and only time will show how far-reaching this MOAB is.
What’s the biggest data breach in history?
While there was some talk from CyberNews and McAfee about this breach being the biggest in history, “MOAB” is a bit of a misnomer. If discussing newly exposed data, the MOAB isn’t in the running. The “biggest data breach” certainly involves billions of pieces of data, after which it could be argued the scale becomes rather irrelevant. That said, the MOAB is certainly easily considered one of the “biggest in history” given the sheer number of records (re)published at once.
This brings us back to the question of whether or not the MOAB ‘matters’. The real conclusion is that all breaches have an impact—not just the largest ones and certainly not the most publicized ones. Smaller breaches can present an outsized risk because they’re not as socialized, they’re more frequent, and they may be the result of highly targeted attacks.
What should businesses do about the Mother Of All Breaches?
Whether or not the business in question has been using the sites with credentials leaked in the January 2024 MOAB, the steps to protect customers and employees are the same:
- Screen for compromised credentials
Enzoic’s credential screening solutions continuously monitor user credentials against a database of compromised passwords and known threats. By identifying compromised credentials in real-time, institutions can prevent unauthorized access and proactively mitigate the risk of account takeover. Enzoic’s threat research team uses cutting-edge methods to gain access to compromised credentials long before they become part of aggregated datasets. In the previously mentioned cases of the MyFitnessPal and Dropbox breaches, for example, Enzoic researchers obtained the data over 4 years before they appeared in the MOAB. - Follow NIST password guidelines
For organizations and IT professionals alike, NIST guidelines and the NIST cybersecurity framework can quickly become the foundation for best practices in data security. - Education
Educating your employees and customers about the implications of password reuse, as well as the impact of data breaches on their personal safety, is a tricky process. Finding familiar points of knowledge is a good first step, whether someone is a Taylor Swift or a football fan.
It’s unfortunate, but likely, that the MOAB is the first of many compilation breaches we’ll see in the next few years. While the impact might not be as much of an emergency as data breaches with fresh material, the organization and availability of the data underscore worries in the risk management ecosystem—namely that stolen PII is being widely used for nefarious purposes, and most companies are in no way adequately protected. Now is the right time to take preventative steps to keep your company safe.
*** This is a Security Bloggers Network syndicated blog from Blog | Enzoic authored by Enzoic. Read the original post at: https://www.enzoic.com/blog/does-the-mother-of-all-breaches/
