Top 4 Data Breaches In January 2024 – Massive Leaks
The security team’s research on the breaches that occurred during January revealed that the data breaches in January 2024 alone surpassed the collective total leak records of 2023. It is quite surprising that 2024 has just begun and the data breaches are in full swing.
The number of records exposed during the data breaches in January 2024 is estimated to be 29,530,829,012.
Well, you must be wondering how just one month of breach records surpasses the total of 2023. Here is your answer, it was due to a major breach aka MOAB (Mother of All Breaches) where 26 billion data records of 3876 domains were leaked. Yes! A Massive leak!
Now let us look into the numbers below and understand the magnitude of data breaches in January 2024.
Top 4 Data Breaches In January 2024
Even though the MOAB is considered to be the biggest breach of the month, the other breaches also add a significant count to the rise in the number of data records breached and they cannot be ignored.
Now let’s look into the Top 5 breaches that occurred during the month of January.
S.NO | ORGANISATION | LOCATION | SECTOR | NUMBER OF RECORDS |
---|---|---|---|---|
1 | MOAB | MULTIPLE | MULTIPLE | 26 BILLION DATA RECORDS |
2 | PLANETA | RUSSIA | PUBLIC | 2 PB |
3 | INDIAN MOBILE NET. | INDIA | TELECOMS | 75 MILLION DATA RECORDS |
4 | BRAZILIAN ORG | BRAZIL | UNKNOWN | >220,000,000 RECORDS |
5 | TELECOM MALAYSIA | MALAYSIA | TELECOMS | Aprox 200,000,000 |
1. Mother of All Breaches (MOAB)
Bob Diachenko, a security researcher, and Cybernews investigators discovered an open instance with 26 billion data records, the majority of which were accumulated from prior breaches, although it is possible that new data was also included.
The huge breach has also been discussed over several dark web forums and members are curious to get hands on these information.
It is also believed that it is just a compilation of old data leaks and there was nothing much new.
The data includes more than just passwords; according to Cybernews, the majority of the leaked data is sensitive. Given the enormity of the data breach, it has been termed the ‘MOAB’ (mother of all breaches). The disclosed dataset comprised a total of 3,876 domain names.
2. Planeta (Russia)
The Ukrainian Ministry of Defense’s Main Directorate of Intelligence claimed to have destroyed a 2-PB (petabyte) database from Russia’s Far Eastern Research Center for Space Hydrometeorology, or Planeta.
While the Ukrainian government has not stated whether they were engaged in the attack, they claim the hackers destroyed 280 servers utilized by the research center, which stored 2 petabytes (2000 terabytes).
3. Indian Mobile Network Database
A security firm, claims to have discovered 750 million Indians’ personal information for sale on a “underground forum”. Victims’ identities, residences, phone numbers, and Aadhaar numbers have all been compromised.
It is unclear how the data breach occurred, however the attackers appear to have claimed it was caused by exploiting vulnerabilities within databases maintained by the government of telecommunication systems.
4. Brazilian Data Leak
Researchers uncovered a publicly accessible Elasticsearch instance containing the private data of hundreds of millions of Brazilians, including complete names, dates of birth, sex, and Cadastro de Pessoas Físicas numbers (11-digit identifiers for individual taxpayers).
The massive size of the files has led many commentators to think that the breach came from Serasa Experian, Brazil’s top credit-scoring company. Serasa disputes that the leaking emanated from their system.
In Summary, Data breaches continue to be a huge threat to individuals, organizations, and governments around the world. These breaches can result in financial losses, identity theft, loss of confidence, and legal ramifications. Organizations must prioritize cybersecurity measures such as regular security assessments, personnel training, encryption methods, and rapid incident response plans in order to reduce the risk of data breaches and secure sensitive information. Staying aware and proactive in the face of growing cyber threats is critical for protecting digital assets and fostering trust in an increasingly linked society.