Kudos to Lawrence Abrams and Bleeping Computer for calling out Cybernews’ misleading reporting.
News broke today of a “mother of all breaches,” sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks.
To be clear, this is not a new data breach, or a breach at all, and the websites involved were not recently compromised to steal these credentials.
Instead, these stolen credentials were likely circulating for some time, if not for years. They were then collected by a cybersecurity firm, researchers, or threat actors and repackaged into a database that was exposed on the Internet.
Read more at BleepingComputer.
Bleeping wasn’t the only one criticizing Cybernews’ recent story that got picked up in many news outlets.
Cybernews’ “Stunt”
Over on Infosec.Exchange, Kevin Beaumont responded to Bleeping Computer’s article by noting that this was the second time Cybernews had “pulled this stunt.”
@JayeLTee responded, highlighting that sometimes it was very easy and fast to get leaks locked down, but it appears Cybernews didn’t even try:
What’s even funnier is that some of the servers they are talking about were exposed for months, and they say they were briefly exposed. Some were exposed even after they published the article.
An email for the ISP abuse email and CERT.br for the one they mention with 679 million records, and the server was closed in a few hours. It was that hard.
Plus, all the other times they’ve made posts linking to data still exposed that I ended up closing like: https://databreaches.net/2024/09/26/massive-french-citizens-data-leak-exposes-95-million-records/
Multiple other examples of their misleading or irresponsible reporting, too many to name in a post.
A Wake-Up Call for News Outlets and Media
Given others’ concerns about the accuracy of their reporting and failures to ensure that data is locked down before they report on it, DataBreaches will no longer be reporting or linking to any Cybernews reports of “discovered leaks” or breaches if they are not confirmed as such by reliable sources.
We hope other news outlets and media will also investigate the accuracy of Cybernews’ claims of “discoveries” by their researchers so that they do not wind up just disseminating fake news like the recent “16 billion” story.
As much as I generally hate the phrase, “wake-up call,” Lawrence Abrams’ reporting really should be a wake-up call for serious journalists and news outlets.