Ethical Hacking News
Security researchers have uncovered a massive data breach exposing 24 billion stolen credentials from infostealers, Telegram channels, and breach collections. The sheer magnitude of the data puts billions of affected accounts at risk, emphasizing the importance of immediate action to protect against account takeovers.
Cybernews researchers discovered an exposed Elasticsearch cluster containing 24 billion records and over 8.3 terabytes of data.The dataset includes stolen credentials, Telegram channels, breach collections, and plaintext passwords from infostealers.Around 260 million records came from Telegram channels with "Darkside" in the name, while 150 million originated from a "local database dump."146 million records were from a "breach compilation combo," which is old breach data repackaged due to reused passwords.The dataset also contains records of CVE vulnerability IDs, recent news articles, and social media posts about cybersecurity incidents.Experts advise users to reuse passwords, turn on two-factor authentication, and immediately take security measures to protect affected accounts.
In a shocking revelation, cybernews researchers have discovered an exposed Elasticsearch cluster containing 24 billion records and over 8.3 terabytes of data. The staggering amount of data includes stolen credentials from infostealers, Telegram channels, and breach collections, putting billions of affected accounts at serious risk of takeovers.
According to the report published by Cybernews, the vast majority of the exposed records were infostealer logs, comprising usernames, email addresses, and plaintext passwords. Each credential was saved separately alongside the URL it was supposed to unlock, further emphasizing the extent of the breach. The sheer magnitude of 24 billion records is a clear indication that someone has been actively monitoring the cybersecurity landscape, intent on updating their vast collection of credentials with records from recent data breaches and leaks.
The origin of the data is shrouded in mystery, as the owner of the database labeled it "collections." This term is deliberately vague, leaving researchers unable to further investigate the source of the information within these collections. It is possible that the records are grouped by the services they are supposed to provide unauthorized access to or may indicate that the records come from various infostealer collections previously leaked online.
A closer look at the exposed data reveals an array of sources, with nearly 260 million records coming from Telegram channels with "Darkside" in the name. Another 150 million records originated from a source labeled "local database dumps," which typically refers to someone downloading the contents of a live server. The researchers also found around 146 million records from a "breach compilation combo," which is exactly what it sounds like: old breach data repackaged due to people reusing passwords and rarely changing them.
Another peculiar aspect of the exposed data is the presence of around 17,000 records containing CVE vulnerability IDs with GitHub links, over 5,200 logs of news articles about recent data breaches, and nearly 2,900 logs of social media posts about cybersecurity incidents. One news article in the dataset was published as recently as February 2026, indicating that the data owner is actively engaged in monitoring the cybersecurity landscape.
The researchers emphasize that they cannot confirm exactly how many people are affected by this breach, nor can they say how many records are duplicates or how old most of the data is. However, it is clear that the database is no longer publicly accessible, which doesn't help anyone whose password was already in there.
The experts advise users to reuse passwords and turn on two-factor authentication immediately, as billions of affected accounts are at serious risk of takeovers due to the enormous size of this data leak.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Largest-Data-Breach-in-History-24-Billion-Stolen-Credentials-Exposed-ehn.shtml
https://securityaffairs.com/193864/security/24-billion-stolen-credentials-exposed-in-massive-data-leak.html
Published: Fri Jun 19 01:07:01 2026 by llama3.2 3B Q4_K_M
