The email addresses of nearly one billion people have been leaked in what has been described as one of the ‘biggest and most comprehensive email database’ breaches on record.
‘Email validation’ firm Verifications.io has since been taken offline after the massive breach was reported, with the personal information of 982 million people being leaked.
This data includes names, gender, date of birth, address and employment details as well as information about social media accounts. Passwords and payment card details have fortunately not been leaked.
This large scale data breach has puts millions of people at a greater risk of being exposed to hackers and fraud, as well as nuisance calls and emails.
According to a blog post by independent cyber security consultant, Bob Diachenko:
On February 25th, 2019, I discovered a non-password protected 150GB-sized MongoDB instance. This is perhaps the biggest and most comprehensive email database I have ever reported.
Upon verification I was shocked at the massive number of emails that were publicly accessible for anyone with an internet connection.
Some of the data was much more detailed than just the email address and included personally identifiable information (PII).
This was a comment I left … 8 years ago. pic.twitter.com/OcpvPePhdA
— Eric Mann (@EricMann) March 27, 2019
As reported by the Mail Online, Verifications.io is a business which offers ‘enterprise email validation’, with validators ensuring email addresses within a list are valid.
This service is used by marketing companies to send out mass marketing material via email, checking if the email addresses in question will bounce. This information then allows them to orchestrate a more effective phishing campaign.
If you have a story you want to tell send it to UNILAD via [email protected]