Cybersecurity researchers discovered one of the largest data breaches in history, with 361 million unique emails, usernames, and passwords now available for sale on dark web forums.
The massive dataset, totaling 122 GB and containing 2 billion rows of data across 1,700 files, is being offered for a mere $500 through an exclusive Telegram channel.
According to Cyber Press, the breach, discovered in May 2024, appears to be a compilation of data from various sources, including previously compiled combolists and information harvested by sophisticated infostealer malware.
This malware employs advanced techniques to extract sensitive data from infected systems, including keylogging, memory scraping, and even bypassing multi-factor authentication in some cases.
Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files
The compromised data spans a wide range of major tech platforms and services, including:
- Gmail
- Amazon
- Spotify
- Netflix
- PayPal
- LastPass
- Adobe
- Twitch
- Coinbase
Cyber Press researchers have verified the authenticity of the data by testing multiple account credentials, confirming that many are still active and can be used to access various online services. This poses significant risks for affected users, including potential financial theft, identity fraud, and account takeovers.
The scale of this breach is unprecedented, with Gmail alone accounting for approximately 9 million compromised login credentials. The data is being sold through encrypted Telegram channels, which have become increasingly popular among cybercriminals due to their perceived security and anonymity.
Cybersecurity experts are urging users to take immediate action to protect themselves:
- Change passwords for all online accounts, especially those mentioned in the breach.
- Enable two-factor authentication wherever possible.
- Use unique, strong passwords for each online service.
- Monitor accounts closely for any signs of unauthorized access or suspicious activity.
- Be vigilant against potential phishing attempts that may exploit the leaked information.
This massive data leak serves as a stark reminder of the ongoing challenges in cybersecurity and the critical importance of robust online protection measures. As investigations continue, the full impact of this breach remains to be seen, but it undoubtedly represents a significant threat to online privacy and security for millions of users worldwide.
“Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!”- Free Demo