The Mother of All Breaches: What You Should Know

Estimated Reading Time: 5 Minutes

Data breaches have become an unfortunate reality for businesses and individuals. From small-scale incidents to high-profile attacks, we have seen the devastating consequences of compromised data. However, amidst this landscape of breaches, one incident stands above all – the Mother of All Breaches.

In this blog, we’ll explore the supermassive breach and what you should know to help protect yourself and your customers from identity fraud.

The Unprecedented Breach

The Mother of All Breaches (MOAB for short) refers to the largest data breach in history, which security researchers discovered in an open online instance. This supermassive data leak contains 26 billion records from thousands of meticulously compiled and reindexed leaks, breaches, privately sold databases, including LinkedIn and Twitter, and government organizations from several countries. Yes, you read that right. The leaked dataset contains 26 billion records broken into 3,800 folders, each corresponding to a separate data breach. For instance, the sprawling archive stores the 2016 leak of 316 million MySpace passwords, the 2023 leak of 281 million Twitter email addresses, and 251 million records from one of LinkedIn’s wave of breaches. This data leak exposes individuals’ personally identifiable information (PII) and sensitive data, which can lead to profound consequences for personal data protection and privacy, financial security, etc.

The “owner” of this data remains unknown, as well as its purpose and who has accessed it. However, according to security researchers, the file does not appear to have been advertised on the dark web forums despite being open on the internet.

Tips to Help You & Your Customers Protect Against Identity Fraud After a Data Breach

Unfortunately, you and your customers’ data are likely part of this data breach, so the time to implement security measures and practice safer online habits is now. Share the following data breach safety measures with your customers to help reduce their risk:

• Make monitoring activity on your financial and credit card accounts part of your routine.
  
  
• Set up two-factor authentication where available for extra security.
  
  
• Rethink the information you’re sharing online (specifically social media). With so much leaked information in MOAB, hackers can piece together compromised data with the information you publicly share to create a holistic picture of your identity.
  
  
• Always use strong and unique passwords, and don’t reuse passwords across multiple platforms.
  
  
• Keep an eye out for imposter scams and other fake solicitations sent to you from unfamiliar sources. Scammers will often use imposter schemes to trick you into clicking a link or divulging your personal information to later use to commit identity fraud.
  
  
• Be on the lookout for any phishing emails. In the aftermath of any data breach, it’s common for those affected to receive an influx of phishing emails supposedly from the organization breached or other trusted service providers. Phishing emails are a common way fraudsters can get even more personal data from you.
  
  
• Sign up for an identity protection service that includes credit and identity monitoring if you haven’t already. Just be aware that not all monitoring services will protect you equally, so make sure you find a service with powerful monitoring capabilities and 24/7 full-service resolution assistance should you ever find yourself the victim of fraud.
  
  
• When assessing identity protection programs, make sure you choose one that also includes high-risk transaction alerts. Iris monitors tens of millions of high-risk transactions with over 300 of the nation’s largest companies to uncover and thwart account takeover attempts. This, in particular, will be key in the aftermath of this data leak.
  
  
• Comprehensive identity monitoring services should utilize automated monitoring and human threat intelligence for its internet (surface, deep and dark web) surveillance and compromised credential monitoring. The monitoring should also include alerts so that if your information is detected, you can quickly assess and work with resolution experts to minimize any impact.

Some recommended information to monitor includes:

• Login credentials for online accounts
• Social Security number / Social Insurance Number
• Email addresses
• Date of birth
• Debit/credit card numbers
• Bank account numbers
• Insurance card/policy number
• Drivers’ license number
• Loyalty card numbers
• Affinity card numbers
• Passport number

Billions of Exposed Data Makes Case for Identity Protection Programs, Including Identity Monitoring + Alerts & Scam Assistance

The total impact of the MOAB is still being assessed; however, it will likely stand as the biggest release of stolen digital information society has seen to date. Consumers should expect hacking and phishing attempts designed to trick them into revealing more personally identifiable information (PII) or clicking links that will install malware on their device(s). And, with hackers’ phishing attempts growing in sophistication, it can be difficult for consumers to discern a legitimate communication from a fake.

The silver lining is that there are tools and resources your customers can use to help safeguard them against the negative impacts of a data breach.

Consumers may be familiar with receiving post-breach protection offerings, often provided for a specified amount of time. However, the nature of MOAB is different than a typical breach, as the data leak is a collection of thousands of old and a few new data breaches.

With Iris^® Powered by Generali’s Identity Monitoring & Alerts features, your customers will be alerted the moment their sensitive data appears on the dark web so they can take action immediately. And, if they ever become an identity fraud victim, we have 24/7 award-winning Resolution Specialists who will take the burden of restoring their name off their shoulders.

If your business already offers identity monitoring or is looking to offer a standalone micro-experience, Iris’ ScamAssist service can provide your customers peace of mind. Our unique scam analysis tool can help your customers:

• Avoid falling victim to scams
• Save time with an easy-to-use online submission process
• Become knowledgeable about the latest scams and online threats
• Get help when they need it most – either via our scam experts or online portal