Bleeping Computer responds to headlines from another site:
News broke today of a “mother of all breaches,” sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks.
To be clear, this is not a new data breach, or a breach at all, and the websites involved were not recently compromised to steal these credentials.
Instead, these stolen credentials were likely circulating for some time, if not for years. It was then collected by a cybersecurity firm, researchers, or threat actors and repackaged into a database that was exposed on the Internet.
Read more at Bleeping Computer.
Update: In response to heavy criticism from several news sites, Cybernews has been updating its original post to add more details and data. As of Friday afternoon, however, they are still misrepresenting it all it as it is does not appear to be one breach or one leak at all.
