'The credential data leak is dangerous simply because of its enormous size': Experts warn "colossal" breach exposes 24 billion records including personal info
Date:
Wed, 17 Jun 2026 11:06:40 +0000
Description:
Someone has been hoarding data leaks from across the web and putting them in
a single Elasticsearch instance.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Cybernews found exposed Elasticsearch database with 24 billion plaintext credentials from 36 sources Archive (~8TB) compiled infostealer logs, Telegram leaks, and prior breach data; regularly updated Owner unknown; mix of English/Russian sources, including 260M records tied to Darkside channels A colossal database containing 24 billion records was found sitting on the internet, available to anyone who knew where to look, including usernames, passwords, and login
URLs, all stored in plaintext.
The Elasticsearch database was discovered earlier this month by security researchers from Cybernews , who believe it is a compilation of different
logs generated by various infostealers. The credential data leak is dangerous simply because of its enormous size, Cybernews said. Since the data leaked online, billions of affected accounts are at serious risk of takeovers, especially if they are not protected with multi-factor authentication. Latest Videos From Watch full video here: Identity unknown The archive was locked down soon after being discovered, barring the Cybernews team from doing any deeper analysis - although they did manage to determine that the information came from 36 different sources, varying from Telegram channels to combined data collections of previous data breaches and datasets exported directly
from live target servers.
The archive was more than eight terabytes in size makint it among the biggest archives ever discovered. Unfortunately, it is impossible to determine how many of the entries are duplicate, although its safe to assume that at least some of them are. You may like Top arcade game maker leaks nearly 19 million user records via WeChat mini app French email provider accidentally leaked 40 million records LOreal, Renault, French government data exposed Millions of hotel goers may have been exposed after hackers steal data and leak it on Telegram
Cybernews also wasnt able to determine the age of the findings but stressed that based on the February 2026 news article contained in the data leak, it could conclude that the cluster was being regularly updated.
The identity of the databases owner remains a mystery. Most of the Telegram sources listed inside were in English, but some were also in Russian. Furthermore, around 260 million records came from Telegram channels with the work Darkside in them, referencing a now defunct ransomware group that was responsible for the catastrophic attack on Colonial Pipeline a few years ago. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
Whoever it is, they seem to be actively monitoring the cybersecurity
landscape and updating the collection frequently. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons
Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/the-credential-data-leak-is-dangerous-s imply-because-of-its-enormous-size-experts-warn-colossal-breach-exposes-24-bil lion-records-including-personal-info
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)