Update:
- The majority of the population is affected by what is being called the mother of all data breaches, Manta Sasnauskas, Cybernews head of research, tells Yahoo Finance.
- The breach is now expected to include more than 100 billion leaked records from companies including Venmo, Canva, Apollo and more.
- The leaked data is estimated to be worth $26 billion, Sasnauskas tells Yahoo Finance.
- Threat actors could use the data for credential stuffing in which login data from one account can be used to gain access to multiple other accounts.
- China’s Tencent remains most affected by the leak with 1.5 billion records affected, but hackers also hit LinkedIn, X, Venmo, Canva, Apollo and Adobe, according to Yahoo.
Massive data breach overview:
- Who: There has been a massive data breach involving 26 billion records from sites such as Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram.
- Why: The data breach is estimated to be the largest on record, at 12 terabytes of information, and is being called “the mother of all breaches.”
- Where: The massive data breach impacts records from across the United States and worldwide.
(Jan. 30, 2024)
A massive data breach that includes 26 billion records and 12 terabytes of information from companies such as Twitter, Dropbox, LinkedIn, Adobe and more is being called “the mother of all breaches,” Forbes says.
“The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks and unauthorized access to personal and sensitive accounts,” researchers from Security Discovery and CyberNews say.
The data breach includes 3,800 folders, each containing records from an individual data breach, including 281 million Twitter/X records, 251 million LinkedIn records, 179 million Evite records and 153 million Adobe records, McAfee reports.
U.S., Brazil, Germany governmental bodies included in data breach
The largest data set includes 1.5 billion records from Chinese messaging service Tencent, according to McAfee.
“The leaked data contains far more information than just credentials — most of the exposed data is sensitive and, therefore, valuable for malicious actors,” McAfee says.
Records from government bodies of the United States, Brazil, Germany and other countries are included in the data breach, TechRadar says.
Hackers will likely attempt credential stuffing if users have repeated passwords over several services, TechRadar says.
CyberNews has a data leak checker where users can see if their information has been compromised and from which sites.
Some of the 26 billion records are repeated, and most of the compromised records are already known or were compiled from other places, TechRadar reports.
In late 2022, Dropbox disclosed it suffered a data breach that compromised 130 code repositories from one of its GitHub organizations.
Have you had identity theft issues after a data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
Washington residents: Did you receive a ‘refer a friend’ text for Capital One, Venmo, Tesla, Coinbase, or another company?
September 23, 2025 | Legal News
348 thoughts on‘Mother of all data breaches’ includes more records, brands than initially thought
Please add me
I’m included in this too I need help
Add me for Canva data leak!
Add me for Canva data leak!
According to the data leak check, my oldest email (from the mid 90’s) was leaked eight times. I still get no spam.
Plz add me
Please add me to this as I recently found out my data was included in this breach.
How do we become part of the class action suits?
Add me. I have an account with several of these
Yup! EMSA in Tulsa Oklahoma sent me a letter saying that my information was accessed!