Nearly a Billion People's Private Data Leaked in 'BIGGEST BREACH Ever'

[KhalaiMakhlooq]

Nearly a Billion People's Private Data Leaked in 'BIGGEST BREACH Ever'

21:58 29.03.2019 | https://sputniknews.com/business/201903291073670978-biggest-breach-private-data-leaked/

The breach was spotted accidentally when a security expert logged into an “email validation” firm’s website, and, having passed the verification stage, woke up to the fact that he had gained access to unknown people’s personal details.

Security researchers have discovered that the email addresses of roughly 982 million people have been leaked in what has been billed one of the “biggest and most comprehensive email database” breaches in history.

After an “email validation” firm called Verifications.io appeared to have breached the aforementioned personal details online, including other types of vital information, like customers’ names, gender, and birthdays, its website was shortly taken down.

"This is perhaps, one of the biggest and most comprehensive email databases I have ever reported", Bob Diachenko, one of the security researchers who first spotted the leak, wrote in a blog post. He discovered the overwhelming breach after he complied with the verification procedure on the website just to find that the vast amount of emails on it “were publicly accessible for anyone with an internet connection”.

"Some of data was much more detailed than just the email address and included personally identifiable information", he went on to say in his post.

The said firm, Verifications.io, has so far declined to comment on the issue. In the meantime, Diachenko wrote to the shady entity’s support team that he had exposed the huge data breach on its website, but was told in response that the information featured there was “public”. However, shortly afterwards the firm’s website disappeared into thin air, having removed all its traces.

While it is not yet known whether the breached data was accessed by any criminals, there is one positive thing about the whole matter: no passwords or credit card details were leaked on the database, which rules out illegal financial schemes.

 

[KhalaiMakhlooq]

Email addresses of almost a BILLION people are leaked in one of the biggest data breaches ever - and hackers could now have access to your name, date of birth and even where you LIVE

PUBLISHED: 10:38, 29 March 2019 | UPDATED: 15:49, 29 March 2019 | https://www.dailymail.co.uk/science...ION-peoples-personal-information-exposed.html

• 'Email validation' firm was taken offline when the enormous breach was reported
• Personal information like names, address and employer were also exposed
• Verifications.io is a company offering 'enterprise email validation' as a service
• Validators ensure that the email addresses in a list are valid and won't bounce

Almost one billion people's personal data has been breached online by a shadowy marketing company that has since disappeared without a trace.

Email addresses from 982 million people were listed in what researchers are calling one of the 'biggest and most comprehensive email database' breaches ever.

Personal information including names, gender, date of birth, employer, details of social media accounts and even home addresses were listed.

Security researchers uncovered the breach in an online database created by Verifications.io that had no privacy protections in place.

The firm offered an 'enterprise email validation' service that let other marketing firms check whether lists of email addresses they have harvested are real.

Verifications.io took down their website after the leak was uncovered and they have refused requests for a comment on the situation.

Little is known about the people behind the business with its backers maintaining their anonymity due to the dubious tactics it employs.

Hundreds of millions of people's personal data has been breached online by a marketing company who have since taken their website down. Pictured here, a screen grab of the website when it was active

The website went offline after Cyber security expert Bob Diachenko, one of the researchers who found the breach, notified its support team.

It was unclear whether the exposed data was accessed by others, but hackers are often quick to strike when leaks occur.

Passwords and payment card details were not leaked but other records in the collection included company names, annual revenue figures, company websites, and even personal addresses.

Mr Diachenko , along with NightLion Security's Vinny Troya, cross-referenced the datasets with the HaveIBeenPwned database, a list of all public data breaches.

They were then able to establish that the Verifications.io leak contained unique records that had never been exposed in any previous breach 'collections'.

'This is perhaps the biggest and most comprehensive email database I have ever reported,' Mr Diachenko wrote in his post.

'Upon verification, I was shocked at the massive number of emails that were publicly accessible for anyone with an internet connection.

'Some of data was much more detailed than just the email address and included personally identifiable information.'

The researchers said that Verifications.io offered a service to marketers where it would 'verify' lists of email addresses.

Marketing companies often employ third party verification companies to do this, due to tedious effort of doing this manually as well as the increased effectiveness of spam filters.

Marketing companies use these services to send out mass emails to a large email list they need to 'validate' to confirm whether the addresses are real or still active.

A screengrab of the website today. It was taken down after security researchers uncovered the breach left in an unsecured online database by the company, which sends out tens of thousands of emails to validate these users

This usually involves sending an email to everyone on the list and checking to see if any messages bounce.

If they do bounce they simply put them in a 'bounce list' so they can easily validate it later on.

The company, with an Estonia address, sends out tens of thousands of emails to validate these users.

Data breaches like this put the people involved at a much higher risk of being exposed to not only nuisance calls and emails but also hack attacks and fraud.

Each one of the users on the list gets their own spam message saying 'hi'.

Then the company sends a verified, and valid list of users to these companies so they can start a more focused phishing campaign, according to Mr Diachenko.

They said that marketing companies hide behind services like this so that they are not blacklisted for spamming.

 

[YeBeWarned]

damn, there goes my nude Pictures again

 

[war&peace]

It seems to be an inside job...the validation.io itself is involved and rather it was created for this purpose.

damn, there goes my nude Pictures again

I would rather look at a barren tree ...

 

[Imad.Khan]

I would rather look at a barren tree ...

Here enjoy a Nudie

 

[war&peace]

Here enjoy a Nudie

We have naked juice bar... but the girls are dressed up fully

 

[Imad.Khan]

We have naked juice bar... but the girls are dressed up fully

lol that would be a big disappointment for all the tharkis.

Anyway its the nudie i sent you better than looking at barren trees?

 

[WarKa DaNG]

Ohhh shittt !!! what about my girlfriend's picture