There’s been a major data leak. This time it’s a big one. 800 million records were exposed. The database owner is Verifications IO LLC.
The security research community is puzzling over a major data leak. What is known that 800 million records have been exposed thanks to an insecure MongoDB. The database weighs in at a whopping 140GB.
Researchers decided to compare the data found in the database with known leaked or breached information via Troy Hunts Have I Been Pwned site and discovered that the data set is unique and likely new. From Bleeping Computers:
The Emailrecords folder which included the most records contained the last name, date of birth, email, phone number, zip code, address, gender, and IP address for each separate entry.
Diachenko cross-checked a selection of random records from the database with the HaveIBeenPwned database of leaked records maintained by Troy Hunt and reached the conclusion that they were not part of any previous leak, leading to the conclusion that this was a new and unique set of data.
Perhaps one somewhat unique characteristic of this data leak is figuring out who suffered from the leak. Most of the time, this isn’t that hard, but in this case, it apparently took some digging:
During the verification process, the researcher also tried to pinpoint the owner of the exposed MongoDB instance and, eventually, managed to discover a possible owner in Verifications IO LLC, a company which advertised “enterprise email validation” services on its website.
After researchers contacted the company, the company pulled the database offline and admitted to the mistake. They said that the information was public information and not client data. After correcting the error, the company thanked the researchers for reporting the leak.
It’s unclear if anyone else got their hands on this database. If the researchers were the only ones that made this discovery, then a potential security disaster may have been averted here.
Drew Wilson on Twitter: @icecube85 and Google+.