An email validation company that allowed marketers to verify the accuracy of their lists has leaked a massive amount of email accounts and additional Personally Identifiable Information (PII), in one of the largest data breaches ever recorded.
Cybersecurity researcher Bob Diachenko discovered an unsecured database that contained 982 million email accounts, paired with additional PII including people’s names, gender, dates of birth, employers, and home addresses. He then traced the source of the database back to the company Verifications.io, which has since removed the database, shut down their website, and apparently ceased to exist. The database of information could be accessed by anyone who knew where to look — no sophisticated hacking skills necessary.
Has Your Data Been Breached?
What’s disturbing about this latest mega breach is that no one, including security researchers, knows how it got there. Even fewer people have probably heard of the company involved.
When cybercriminals get their hands on a database of emails and other personal information as large as this, it’s a feeding ground to launch phishing attacks and other campaigns that can lead to identity theft and fraud. All it takes is two pieces of PII for a bad actor to commit synthetic identity theft, resulting in your information being used to open new bank or credit accounts, commit tax fraud, or even obtain health insurance.