More than 2 billion records have been leaked containing personal information in this recent security incident. Are you
According to SecurityIntelligence, security researcher Bob Diachenko came across an unprotected database on the internet this February 25. The exposed resource contained 150 GB of data, including personally identifiable information (PII) such as birth dates, gender, email addresses, and phone numbers. The database was open without encryption or a password to prevent access.
Worse than Originally Suspected
After security researcher, Andrew Martin, CEO
Exposed data included full names, addresses, date of birth, phone numbers, social media account information, credit score, gender, among other PII. Diachenko cross-referenced some of the impacted data with HaveIBeenPwned’s database of exposed records. None of the records were uploaded into HIBP, therefore, this was new information not part of a previous breach.
According to GB Hackers, there were 3 different folders in this “collection” containing:
- 798,171,891 Email Records
- 4,150,600 Email with Phone Records
- 6,217,358 Business Lead Records
Where Did the Data Come From?
Diachenko investigated the root of this security incident. He tracked the database back to Verifications IO LLC, a service for enterprise email validation for companies that want to eliminate inactive addresses from their contact lists.
Verifications IO removed exposed records as soon as they were notified by Diachenko. To date, there is no indication that criminal activity has occurred due to the exposed records. In a statement, Verifications IO said that the open records were constructed with public information, not client data. Therefore, no social security numbers, passwords, nor credit card numbers were collected.
Secure Your Digital Life
Although no criminal attacks have been linked to this security incident, make sure your personal data is safe and secure.
- Check if your email or password has been compromised on HaveIBeenPwned.
- Use unique passwords for each account you have and organize it with a password manager.
- Use two-factor authentication for your accounts whenever possible to add an extra layer of security.
- Maintain good cyber-hygiene by choosing a day out of the week to make sure your device’s software is up-to-date.
- Monitor your bank statements and credit cards for any suspicious activity.
- Watch out for phishing scams especially with breaches that exposed personally identifiable information.