Diachenko then teamed up with Troy Hunt of HaveIbeenPwned (HIBP) and, after analyzing the database, revealed that it contained sensitive details such as names, physical addresses, phone numbers, email addresses, dates of birth, gender, employers, geographic location, IP addresses, and job titles.
Diachenko broke down the data as:
- Emailrecords (count: 798,171,891 records)
- emailWithPhone (count: 4,150,600 records)
- businessLeads (count: 6,217,358 records)
Although the leaked data did not include passwords, Hunt, on behalf of HIBP, informed millions of victims by email on March 10th, 2019. Diachenko, on the other hand, informed Verifications.io about the breach, and since then the Verifications.io domain has been offline.
Screenshot detailing the data (left) – Screenshot of the email sent by HaveIbeenPwned (right)
Leaked data is 2 billion not 800 million
While it was believed that the exposed data contained 800 million records, DynaRisk, a UK-based cybersecurity company, revealed that the actual leaked data is far larger than previously anticipated. In fact, the company’s CEO Andrew Martin told SC Media that the MongoDB database actually exposed four databases, not one, and that the actual amount of exposed data is 2 billion (2,069,145,043), not 800 million.
Martin further explained that their security researchers conducted their own investigation, which revealed that the compromised servers were set up in Miami and that the size of the database was 196GB, not 150GB. What’s worse is that the other 3 databases contained additional user data including their characterizations credit scores, interest rate, personal mortgage amount, and emails linked to their social media profiles on Facebook, Instagram and LinkedIn.
Screenshot of the leaked data – Image credit: SC Media
Furthermore, none of the data was encrypted, which means that it could be a treasure trove for state-sponsored hackers and cybercriminals.
“Our analysis was conducted over all four databases and extracted over two billion email addresses. The additional three databases were hosted on the same server, which is no longer accessible,” Martin told The Register.
If you have received an email notification from HaveIbeenPwned saying that your records were in the exposed database, you should be worried about it, as the data can work as a goldmine for hackers, phishers, cybercriminals and those involved in identity theft-related scams.
One relief is that no passwords were involved in the breach, and there is no indication that the exposed databases were accessed by a third party (at least not yet). Moreover, since Verifications.io was taken offline right after it was informed about the breach, chances are that the data won’t be accessed by malicious elements unless someone knew about the incident before the security researchers did.
Not for the first time
This is not the first time billions of records have surfaced online in a database for anyone to access. Last month, German security researchers identified a massive 845GB database (dubbed Collection #2) containing 2.2 billion usernames and passwords.
In January this year, researchers also discovered a database (dubbed Collection #1) containing 773 million ‘unique’ email IDs and 22 million ‘unique’ passwords available on MEGA cloud service for download. Later on, the same data was found posted on a famous hacking forum.
A word of advice
Use the HaveIbeenPwned service to see if your email is part of a data breach, and inform your bank of the breach to avoid identity theft scams. Also, sign up for as few online services as possible and keep your data private by not sharing it with recruiters or any other third party. Stay safe online!