incident report security breach records privacy verifications io

2 Billion Records Exposed!

More than 2 billion records have been leaked containing personal information in this recent security incident. Are you impacted?

Verifications IO records security incident phish cybersecurity threat privacy breach data personal prilock digital cyber code

According to SecurityIntelligence, security researcher Bob Diachenko came across an unprotected database on the internet this February 25. The exposed resource contained 150 GB of data, including personally identifiable information (PII) such as birth dates, gender, email addresses, and phone numbers. The database was open without encryption or a password to prevent access.

Worse than Originally Suspected

Verifications IO records security incident phish cybersecurity threat privacy breach data personal prilock digital cyber code exposed compromised leaked

After security researcher, Andrew Martin, CEO and Founder of DynaRisk, analysed the data it was concluded that the security incident exposed not one but four databases containing a total of
2,069,145,043 records.

Exposed data included full names, addresses, date of birth, phone numbers, social media account information, credit score, gender, among other PII. Diachenko cross-referenced some of the impacted data with HaveIBeenPwned’s database of exposed records. None of the records were uploaded into HIBP, therefore, this was new information not part of a previous breach.

Verifications IO records security incident phish cybersecurity threat privacy breach data personal prilock digital cyber code exposed compromised leaked

According to GB Hackers, there were 3 different folders in this “collection” containing:

  • 798,171,891 Email Records
  • 4,150,600 Email with Phone Records
  • 6,217,358 Business Lead Records

Where Did the Data Come From?

Verifications IO records security incident phish cybersecurity threat privacy breach data personal prilock digital cyber code exposed compromised leaked

Diachenko investigated the root of this security incident. He tracked the database back to Verifications IO LLC, a service for enterprise email validation for companies that want to eliminate inactive addresses from their contact lists.

Verifications IO records security incident phish cybersecurity threat privacy breach data personal

Verifications IO removed exposed records as soon as they were notified by Diachenko. To date, there is no indication that criminal activity has occurred due to the exposed records. In a statement, Verifications IO said that the open records were constructed with public information, not client data. Therefore, no social security numbers, passwords, nor credit card numbers were collected.

Secure Your Digital Life

Although no criminal attacks have been linked to this security incident, make sure your personal data is safe and secure.

Verifications IO records security incident phish cybersecurity threat privacy breach data personal prilock digital cyber code exposed compromised leaked
  • Check if your email or password has been compromised on HaveIBeenPwned.
  • Use unique passwords for each account you have and organize it with a password manager.
  • Use two-factor authentication for your accounts whenever possible to add an extra layer of security.
  • Maintain good cyber-hygiene by choosing a day out of the week to make sure your device’s software is up-to-date.
  • Monitor your bank statements and credit cards for any suspicious activity.
  • Watch out for phishing scams especially with breaches that exposed personally identifiable information.
  •  
  •  
  •  
  •  
  •  
  •