heise PlusAbo
Anzeige

122 gigabytes of personal user data leaked via Telegram messenger

Security researchers have compiled a large archive of personal data from Telegram channels. This includes email addresses and passwords.

listen Print view
Stilisiertes Bild mit rötlichen Leiterbahnen, offenem Schloss im Vordergrund und den Worten Data Leak, Security, Exploit found

(Image: Black_Kira/Shutterstock.com)

2 min. read
Security
By
Contents

Some criminals share data from cyberattacks in Telegram groups. A security researcher has now collected a 122 gigabyte archive of personal data from users of various online services. There are many indications that the access data is genuine. The origins of the data are still unclear. It is also unclear from which time period they originate.

Addresses and passwords affected

According to a report, the archive was leaked to the operator of the online service Have I Been Pwned (HIBP). The service collects leaked data from cyberattacks. It allows users to anonymously check whether they appear in a data leak by entering their own email address, for example.

In the current case, the archive is said to be 122 gigabytes in size and contain over 1700 files. The data is said to have been collected from 518 Telegram channels. The personal data includes 361 million email addresses.

According to the HIBP operator, it did not previously have 151 million of these addresses in its database and has now added them. The archive is also said to contain passwords and some of the associated websites. Screenshots in his report show that passwords are available in plain text. It is currently unclear whether this is the case for all of them. According to his examination of random samples, the data looks genuine.

Videos by heise

Access data business model

Criminals organize such data in large lists to automatically try out the collected access data on countless websites as part of a credential stuffing attack. If they land a hit, they take control of the corresponding account.

As a rule, such lists are offered for sale in underground forums. Recently, such an incident occurred with the cloud provider Snowflake, where criminals offered copied user data for sale on the dark net.

How can you protect yourself?

Once such data is in circulation, it is difficult for victims to protect themselves. In such a case, you should keep your eyes and ears open for suspicious phishing emails and phone calls.

To further protect yourself, you should activate two-factor authentication (2FA) for every online service. In this case, attackers cannot log in with a captured password because they do not have the additional 2FA code required.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten