{“lastseen”:”2026-06-17T11:50:14″,”description”:”A newly discovered database containing 24 billion stolen records is a reminder that personal information from data breaches, phishing campaigns, and infostealer infections continues to circulate online.\\n\\nThe collection was briefly exposed on the internet before being taken offline. While researchers can’t confirm exactly whose information was included, the discovery is a good opportunity to check whether your email addresses, passwords, or other personal data have already been exposed.\\n\\nThe best place to start is with Malwarebytes Digital Footprint Portal (DFP), which can show you whether your information has appeared in known data exposures and breaches.\\n\\n## What happened?\\n\\nResearchers at Cybernews found a publicly exposed Elasticsearch cluster holding more than 8.3 TB of data.\\n\\nThe data, consisting of 24 billion credential records, reportedly came from 36 sources, including numerous Telegram channels, prior breach compilations, collections of infostealer logs, and some datasets apparently exported directly from live servers.\\n\\nBecause the data came from different sources there are some differences in what the records contain and how they are organized.\\n\\nSome records were structured infostealer logs containing usernames, email addresses, and plaintext passwords, and the associated login URL. Roughly 1.7 billion records came from hacking-related Telegram channels, mainly English and Russian, including at least one focused on stolen credit card data.\\n\\nThe exposed database was hosted on an Elasticsearch cluster. Elasticsearch is a tool used to quickly store and search lots of data. If an Elasticsearch server lacks passwords, authentication, or network restrictions, it can be accessed by anyone who finds it online. Without protections such as passwords or a firewall, anyone can read, copy, change, or even delete its data.\\n\\nOther documents in the dataset contained information about known vulnerabilities, articles about breaches, and social media posts about cyberattacks. This suggests the owner actively monitors security news and vulnerabilities and enriches the credential hoard with fresh breach information, either for a commercial \u201cmonitoring\u201d service or for offensive use.\\n\\nA few years ago, we wrote about what was called the Mother of All Breaches, where the source of the dataset has been identified as data breach search engine Leak-Lookup.\\n\\nThis newly discovered 24\u2011billion\u2011record exposure is in the same league as that previous mega\u2011dump, but appears more heavily weighted toward fresh infostealer logs, rather than older, static breach data.\\n\\nAn infostealer log from a single infected device can include passwords stored across all browsers, active session cookies and tokens (including those that bypass MFA), autofill data, device fingerprints, and sometimes crypto wallets or messaging accounts. The complete bundle is what ends up in logs such as those seen by the Cybernews researchers.\\n\\nSince the data was taken out of public view soon after the discovery, the researchers were unable to fully retrace everything they had found or determine how many duplicate records it contained. That\u2019s reassuring because it reduces the chances of cybercriminals finding the database, but reused passwords may still put accounts at risk.\\n\\n## What to do now\\n\\nIt\u2019s good to be aware of how much information about you is out there and who’s gathering it, but it\u2019s even more important to know exactly which information they have, since that is what they can use against you.\\n\\nStart by checking whether your email address has appeared in known breaches or infostealer logs. \\n\\nCheck whether your data is exposed\\n\\nIf you discover exposed passwords, change them immediately and make sure you aren’t reusing the same password across multiple accounts.\\n\\nIf you have reused passwords in the past, prioritize updating important accounts such as email, banking, shopping, and social media accounts. Turn on multi-factor authentication (MFA) wherever possible, since it can help protect accounts even if a password has been exposed.\\n\\n## How to protect your data\\n\\nBecause infostealers commonly arrive through malvertising, fake browser updates, and one-click downloads, it\u2019s worth treating ads and pop-ups with healthy skepticism. My personal tip: Never click on sponsored ads. Instead, visit official websites directly and download software only from trusted sources such as official vendor sites or app stores.\\n\\nAnother increasingly popular technique is ClickFix, a social engineering attack that tricks users into infecting their own devices. Never run commands or scripts copied from websites, emails, or messages unless you trust the source and understand the action\u2019s purpose. If a website tells you to execute a command or perform a technical action, check official documentation or contact support before proceeding.\\n\\nPirated software, game cheats, and cracked tools are some of the most common delivery methods for infostealers. These downloads often come bundled with malware that installs alongside the software you intended to get. The same caution applies to many browser extensions and add-ons that promise extra features or convenience. Stick to extensions from reputable developers, check reviews and permissions carefully, and avoid installing any add-on that asks for more access than it plausibly needs.\\n\\nPhishing emails are still a major threat, but many can be spotted if you slow down and verify before clicking. Even if an email looks like it comes from a trusted brand, treat unsolicited attachments and links with caution, especially when they urge you to open a file, install something urgently, or fix a billing issue. If you\u2019re unsure, check the sender address, look for typos or odd phrasing, and confirm the request through a separate channel such as the company\u2019s official website rather than the link in the email.\\n\\n* * *\\n\\n\\n\\n### ****\u201cOne of the best cybersecurity suites on the planet.\u201d** **\\n\\nAccording to CNET. Read their review \u2192\\n\\n* * *\\n\\n* * *”,”published”:”2026-06-17T10:56:18″,”modified”:”2026-06-17T10:56:18″,”type”:”malwarebytes”,”title”:”24 billion stolen records found in giant data dump. Check if you\\u0026#8217;re affected”,”source”:””,”references”:””,”id”:”MALWAREBYTES:D6867A3301AC0C2B46061F7850A926B9″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2026\/06\/24-billion-stolen-records-found-in-giant-data-dump-check-if-youre-affected”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-06-17T11:50:14″,”description”:”A newly discovered database containing 24 billion stolen records is a reminder that personal information from data breaches, phishing campaigns, and infostealer infections continues to…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-63863","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n