- The researchers found 30 databases that house 16 billion online records
- The records were probably generated by the inflators
- Records come from a wide range of suppliers, from Apple to Google and many more
Security researchers have reported that they discover what the mother of all data violations could be, a set of 30 databases containing a total of 16 billion records.
It is very likely that these records were generated by several cybercriminals (and possibly the computer pirates or investigators of white hat) using different infestation malware, a new report of Cybernews claims.
The researchers point out that the databases differed in size, from the “smaller “s that contained only millions of tickets, to gigantic that house billions of records, with Google, Apple accounts, to several VPN, Github, Telegram and more services, and of the 30 sets of discovered data, only one had been previously informed by the media, a” mysterious “database” with 184 million of records.
Scratching the surface
“As soon as you scratch the top 20 of what the team discovered”, Cybernews explained. “The most worrying, the researchers claim that new massive data sets arise every few weeks, which indicates how frequent the infostaler malware is really.”
The databases were available for the wider Internet only briefly, and they were blocked quickly, however, it was not possible to determine who owners are.
It is likely that much of the information will overlap, which makes it practically impossible to determine exactly how many people were affected. It is also important to keep in mind that some 5.5 billion people have internet access today, which means that many people have multiple accounts.
Unprotected databases continue to be the most common cause of data leaks. For years, security researchers have warned that many organizations do not understand the shared responsibility model of cloud services, and that they are obliged to safeguard and ensure the data they generate.
On the other hand, cybercriminals are having a field day with these files. They often contain more than enough confidential information to launch highly personalized and successful phishing campaigns, leading to identity theft, cable fraud and even ransomware attacks.
