In one of the largest security breaches in recent history, Verifications.io, an email marketing company, suffered a massive security incident which exposed the personal data of more than 800 million people - potentially impacting one in every nine people. The breach came to light when security researchers, Bob Diachenko and Vinny Troia, found an unprotected server that stored 150GB of user data, which was taken offline as soon as the breach was reported.
“This is perhaps the biggest and most comprehensive email database I have ever reported. Upon verification, I was shocked at the massive number of emails that were publicly accessible for anyone with an internet connection. Some of the data was much more detailed than just the email address and included personally identifiable information (PII),” Diachenko said in his post.
The potential damage includes access to information on personal mortgage, online user account details for platforms such as Facebook, LinkedIn and Instagram, business reports that contained wages and employee details, annual revenue numbers, and other sales details. Despite the website going offline, analysts are scanning through the data to check if others may have gained access to the information and negate any potential threats.
Diachenko confirmed that the exposed data was a unique set, and was not part of a previous leak. One of the bigger threats a data breach of this magnitude can trigger is identity theft, where the information stolen can be manipulated by hackers or other corporate competitors.
Over the last year, data breaches increased by nearly 424%, with almost 15 billion unprocessed stolen identity records being circulated in the underground market. The upshot is that with enhanced technology, businesses and governments have ample options at hand - including access to improved security platforms that have the ability to avert a data breach.
Because of all those recent breaches, we at Passbase launched a tool called breachchecker.com which allows people to check if their email got compromised or exposed in a recent breach.
Users can check for free and without risk, when and where their email data got exposed. We believe in a privacy and security centric future. We build tools, products and services to pursuit this path - let us all work towards this mission.