For well over a decade, identity thieves, phishers, and other online scammers have created a black market of stolen and aggregated consumer data that they used to break into people's accounts, steal their money, or impersonate them. In October, dark web researcher Vinny Troia found one such trove sitting exposed and easily accessible on an unsecured server, comprising 4 terabytes of personal information—about 1.2 billion records in all.
While the collection is impressive for its sheer volume, the data doesn't include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scraped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses.
"It’s bad that someone had this whole thing wide open," Troia says. "This is the first time I've seen all these social media profiles collected and merged with user profile information into a single database on this scale. From the perspective of an attacker, if the goal is to impersonate people or hijack their accounts, you have names, phone numbers, and associated account URLs. That's a lot of information in one place to get you started."
The IP address for the server simply traced to Google Cloud Services, so Troia doesn't know who amassed the data stored there.
More
DelMarVa's Premier Source for News, Opinion, Analysis, and Human Interest Contact Publisher Joe Albero at alberobutzo@wmconnect.com or 410-430-5349
1 comment:
It's in fact very complex in this busy life to listen news on TV,
therefore I only use internet for that purpose, and take the most up-to-date information.
Post a Comment