We have just discovered a Clearnet website, where a vast collection of over 900 leaked sensitive databases can easily be downloaded by the public.
These databases primarily consist of data that was stolen from various major corporations and smaller businesses during previous data breaches.
The extensive collection of leaked databases was found on a single website, containing files of various sizes, ranging from 10 megabytes to over 40 gigabytes each.
It is believed that these databases were collected from BreachForums, a well-known platform for sharing hacked data, over a span of several years.
However, even though there are many databases, some significant breaches are noticeably missing from this compilation.
What's inside?
The directory listing features a diverse array of companies, including well-known names like Wattpad, Yahoo, Audi, Canva, EpicGames, NVIDIA, PlayStation, and Adobe.
Although larger companies have already acknowledged and dealt with these breaches, the directory also contains data from smaller companies and forums that may have gone unnoticed.
The information contained in these databases is vast and differs from one breach to another.
Typically, the information that is commonly included consists of usernames, passwords, email addresses, and personal details like social security numbers, bank information, and health records.
Do older breaches still pose a threat?
Cybersecurity experts warn that older breaches still pose significant risks. A researcher stated:
“Even a breach from 2020 can still be dangerous today. Stolen data, like passwords or personal info, can be used for identity theft or fraud for years. Cybercriminals often reuse this data or sell it on the dark web. With malicious techniques evolving, old breaches can be exploited with new methods.“
Many individuals make the mistake of using the same password for multiple sites, which increases the persistent risk.
As a result, the data obtained from these breaches can still be used by cybercriminals for a significant amount of time, even after the initial breach has taken place.
Directory access issues and errors
Users and researchers have encountered several problems while trying to access the directory, such as experiencing frequent Cloudflare host unreachable errors and unexpected connection closures.
It seems like the host server is facing some challenges due to high traffic, large data size, or other technical issues. This is making it difficult to fully understand the extent and impact of the leak.
How does this compare to previous breaches?
Although this leak is quite large, it is much smaller than the notorious “Mother of All Breaches,” which had a mind-boggling 26 billion records.
The current discovery is quite significant, consisting of about one terabyte of data, mostly from breaches that took place in 2022.
This figure, despite its size, highlights the ongoing struggle of data security and the constant danger presented by cybercriminals.
Given this new finding, it is strongly recommended that users promptly take necessary measures to safeguard their personal information.
Although both the mother of all leaks and the previously discovered largest breach are compilations of collected data, the overall leaked database listing is not as extensive as the latter.
This demonstrates the substantial quantity of data being circulated on the internet from just one forum, demonstrating the collective power of hackers in sharing information.