The threat actors reportedly leveraged stealer logs containing the website address, email address, and passwords.
The datasets reportedly contained from about 3.5 billion records
Photo Credit: Reuters
Cybersecurity researchers have discovered a massive data breach involving tens of millions of leaked Gmail accounts. According to a report, the breach occurred in April of this year and was recently made public, with a record of over 183 million credentials in total. It not only includes email accounts, but also the passwords that are associated with them. The data breach is reportedly part of a larger stealer ecosystem, typically resulting from malware on the victim's machine.
According to cybersecurity expert Troy Hunt, the massive volume of threat intelligence data was collated by Benjamin Brundage from the cybersecurity company Synthient. They managed to pull data from various sources, including criminal marketplaces, social media, forums, and Telegram, amounting to a total of 3.5TB.
The vast corpus contained several files, with the largest of them being 2.6TB in size and featuring a document with almost 23 billion rows. This puts the data breach among the largest ones in recent years, comparable with the mysterious database discovered in May this year that contained 16 billion records.
As per Hunt, the new dataset contained 183 million unique accounts. What's more concerning here is that 16.4 million of those had never been discovered in any data breach prior to this. While most of the data was reportedly sourced from recycled datasets, millions of Gmail accounts were verified, where exposed passwords were still in active use.
The threat actors reportedly leveraged stealer logs containing the website address, email address, and passwords. It involves infecting the victim's machine with malware and capturing credentials as they input them on a website.
Additionally, stuffing lists were also allegedly used, aggregated from other places where credentials are usually obtained, either stored in plain text files or protected with simple, crackable algorithms. As per the report, these lists are then used to access other accounts where the passwords have been reused.
Hunt said that credential stuffing lists are an extremely serious threat as they contain keys to numerous services. They reportedly serve as a gateway to takeovers of an immeasurable number of social media accounts, email addresses, and other personal resources, subsequently resulting in massive data breaches.
The leaked data was sent to the ‘Have I Been Pwned' website, and it is searchable. Users can run their email addresses on the website and check if their credentials have been exposed in any data breach.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.