Unprotected MongoDB database exposes 763M unique email addresses, ‘business intel’
Verifications.io has taken down an unprotected MongoDB database found by researchers last week to contain 150GB-worth of plaintext marketing data including 763 million unique email addresses and various corporations’ revenue data.

“This is perhaps the biggest and most comprehensive email database I have ever reported. Upon verification I was shocked at the massive number of emails that were publicly accessible for anyone with an internet connection,” Security Researcher Bob Diachenko wrote in a blog post detailing his find. “Some of data was much more detailed than just the email address and included personally identifiable information (PII).”

Verifications.io, the owner of the database, pitches itself as an “enterprise email validation” provider. “Unfortunately, it appears that once emails were uploaded for verification they were also stored in plain text,” said Diachenko, who said the company took the database offline immediately after he reported it.

“The data exposed in this leak of nearly 809 million records is unique, and highly exploitable since it includes business intelligence data such as employee and revenue figures from various companies, as well as genders, user IP addresses, email addresses, dates of birth and more,” said Chris DeRamus, CTO at DivvyCloud. “If a bad actor were to discover this massive trove of data, they could easily validate the contact information for the users included to launch a more focused phishing or brute force campaign.”

Noting that “data is king—collecting, storing and leveraging data is essential to running just about any type of business you can think of,” DeRamus urged organizations to “be diligent in ensuring data is protected with proper security controls.”

Dtex Insider Threat Intelligence Team Manager Armaan Mahbod said 98 percent of assessments that were run “for the Dtex 2019 Insider Threat Intelligence Report detected incidents of data left exposed in the cloud because of human error, which is one of the most common forms of insider threat taking place within the public and private sectors today.” The reason these leaks occur time and again, Mahbod said, is “negligence, lack of training, misunderstanding of how to password protect cloud services, and an inability to see how users are interacting with data.”