Popular Posts

Saturday, November 23, 2019

1.2 Billion Records Found Exposed Online in a Single Server

For well over a decade, identity thieves, phishers, and other online scammers have created a black market of stolen and aggregated consumer data that they used to break into people's accounts, steal their money, or impersonate them. In October, dark web researcher Vinny Troia found one such trove sitting exposed and easily accessible on an unsecured server, comprising 4 terabytes of personal information—about 1.2 billion records in all.

While the collection is impressive for its sheer volume, the data doesn't include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scraped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses.

"It’s bad that someone had this whole thing wide open," Troia says. "This is the first time I've seen all these social media profiles collected and merged with user profile information into a single database on this scale. From the perspective of an attacker, if the goal is to impersonate people or hijack their accounts, you have names, phone numbers, and associated account URLs. That's a lot of information in one place to get you started."

The IP address for the server simply traced to Google Cloud Services, so Troia doesn't know who amassed the data stored there.

More

1 comment:

  1. It's in fact very complex in this busy life to listen news on TV,
    therefore I only use internet for that purpose, and take the most up-to-date information.

    ReplyDelete

Note: Only a member of this blog may post a comment.