Skip to main content

Unraveling the "Mother of All Breaches": A Cybersecurity Alarm Bell


The "Mother of All Breaches" (MoAB), a term now synonymous with one of the largest data leaks in the history of cybersecurity, has been a jolting wake-up call for digital security worldwide. This breach encompassed a staggering 12 terabytes of information, impacting over 26 billion records. Initially reported by Cybernews, this breach is notable not only for its scale but also for its composition, combining past leaks with new hacks.

Technical Insights

The MoAB includes data from major companies like LinkedIn, X (formerly known as Twitter), Adobe, among others. It predominantly targeted Tencent, with data from 1.5 billion accounts, and Weibo with 504 million accounts. The information originated from thousands of sources, including governmental bodies from the United States, Germany, Brazil, and others.

Understanding Credential Stuffing Attacks

Before diving into the dangers of the old data exposed in MoAB, it is crucial to understand what Credential Stuffing attacks are. This cyber attack method involves using stolen account credentials (usernames and passwords) to gain unauthorized access to user accounts. This is particularly effective due to the common practice of reusing the same login credentials across multiple services. Attackers use automated tools to test these credentials across various websites, exploiting the reuse of passwords to gain unauthorized access.

The Dangers of Old Data

Despite being mostly comprised of previously reported breach data, the old data included in the MoAB poses significant risks. Cybercriminals can use this information for credential stuffing attacks, targeting individuals and businesses with weak password security. The exposed data can also be utilized for spear-phishing attacks or to generate spam emails.

Identifying the Perpetrators and Preventative Measures

Identifying those responsible for compiling such a vast repository of stolen data remains challenging. The MoAB is suspected to have been compiled by cybercriminal gangs or underworld data brokers. Cybernews has created interactive databases to identify which companies and email addresses have been found in the MoAB. Those affected are advised to change their passwords, be alert to phishing emails, and ensure their accounts have multi-factor authentication.


The MoAB marks a critical juncture in cybersecurity history, serving as a stark reminder of the ongoing risks of data breaches. It underscores the importance of robust cybersecurity practices, such as using unique passwords for each account, regularly changing passwords, and employing two-factor authentication. These events signal that both individuals and organizations must continuously review and update their security measures.


Back to all blogs

Featured blogs