When Cybernews published an article about a 16 billion credentials leak, some of us strongly criticized the article as irresponsible and misleading journalism. Although some people have tried to suggest that the Cybernews article had some value in highlighting infostealers, the article was so riddled with falsehoods and misleading statements that the confusion and misunderstandings it created outweighs any benefit one might try to ascribe to it.
To his credit, the independent researcher known as @JayeLTee and a colleague have taken the time to analyze the datasets used in Cybernews‘ reporting. JayeLTee has now written an article in which he identifies no less than five significant false claims by Cybernews. He also identifies a serious ethical concern related to Cybernews‘ failure to make a serious — or even any — effort to secure leaks before reporting on them.
The five false claims:
-
- False Claim #1: It was a “record-breaking data breach.”
- False Claim #2: There were “16 billion credentials” (later changed to 16 billion passwords)
- False Claim #3: The data were not from old data or recycled data.
- False Claim #4: “All information comes from infostealers.”
- False Claim #5: The datasets in the report were only briefly exposed.
Read JayeLTee’s report, Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t, and see what you think.
In DataBreaches’ opinion, Cybernews should have just retracted their whole article and apologized profusely for their substandard research and reporting. Instead, they kept “updating” it and adding sections that do nothing to undo the damage they have already done as outlets repeated their initial claims, and a live article, still riddled with inaccurate claims, remains at the original URL.