Advertisement

'The mother of all breaches'—26 billion records leaked including stolen user logins, so may we suggest you finally change that old password?

 The Enigma, a mysterious hacker, hacks mysteriously.
The Enigma, a mysterious hacker, hacks mysteriously.

If you're still hanging on to that old password, here's some news that should change your mind: Cybersecurity researcher Bob Dyachenko and the team over at Cybernews have discovered an open instance containing a gigantic 12TB of user data, in what they're referring to as the "mother of all breaches", and it seems like it might be the biggest user information leak yet.

While the bulk of the data seems to be made up of information already known to be leaked, in a sort of greatest hits package of stolen info (via PC World), the assumption is that new data is likely to be included too.

This is said to include login information, passwords and user data for multiple popular sites, including LinkedIn, Twitter, Weibo and Tencent, although that list is likely to be far from comprehensive given the size of the breach.

Given that surveys show that many people use the same passwords for multiple different accounts, all it would take for these users is one breach in order to gain access to them all, or at least give a potential attacker a good idea of where they should be aiming to break into a different account with a similar login.

Data breaches can happen to multiple sites on an almost daily basis, so if you think you're immune, think again. A quick scout through the recent headlines reveals a UK water provider breached by a ransomware group, an email security breach at Microsoft, and even popular sandwich chain Subway under attack.

Is nothing sacred? I mean, even our sandwich providers now too. The rogues!

The good news is there are already multiple different ways you can check to see whether your details have already been made public or are in danger of being used for nefarious purposes, including Have I Been Pwned or similar services provided by antivirus providers like Avast.

However, it's safe to say that even these leak checkers can't always be completely up to date with the very latest breaches, so it's good practice to assume that if you've been using the same details for a while, there's a decent chance that they may well have been leaked regardless of how careful you've been.

Thinking of upgrading?

Windows 11 Square logo
Windows 11 Square logo

Windows 11 review: What we think of the latest OS.
How to install Windows 11: Our guide to a secure install.
Windows 11 TPM requirement: Strict OS security.

While it can feel like a bit of a hassle to go through your accounts and change your login information, or even a gigantic challenge for those of us that have been around long enough to own hundreds of different accounts, taking some time to at least change your most frequently used login details would go some way towards upping your protection.

There are also of course password managers like Bitwarden or LastPass, although the latter is not immune to attempted breaches. Total security isn't possible, of course, but techniques like this make you a much more difficult target, and that can make all the difference.

It's a pain, I know, but given so much of our lives now exists in the digital world, it's time to protect your online accounts with the same diligence you protect your house, your car, or your bank details.

Now if you'll excuse me, I've got some login details I must take a look at, and a back door lock to fix.