Verifications.io Database Download Software The more than 4 terabytes of data was discovered by security researchers from Data Viper. Unlike other troves, this simple database didn’t hold user names and passwords, but personal data, such as names, email addresses, phone numbers, LinkedIn, and Facebook profiles, scrapped off the Internet. Verifications.io Database Leak Download Verifications Io Data Breach Look Up Search After researching more about Verifications.io online and comparing the information that was publicly available in the database we have come to the following conclusions. Apr 30, 2019 Then in March, 763,117,241 people had their records leaked by a marketing database called Verifications IO. Now it’s emerged that an unsecured database belonging to an unknown organization has. On 25 February 2019 security consultant Bob Diachenko discovered an enormous database of emails and other personal information. Diachenko found that it contained 763 million records. All the evidence pointed to a single source. Verifications.io, a self-described 'big data email verification platform.' Verifications.io unprotected database leaks 800+ million email addresses. This person is a verified professional.
On 25 February 2019 security consultant Bob Diachenko discovered an enormous database of emails and other personal information. The database was not password-protected and available to anyone with an internet connection.
Diachenko worked quickly to figure out the extent of this data breach and found that it contained 763 million records. According to his blog, it is 'perhaps the biggest and most comprehensive email database [he has] ever discovered'. Troy Hunt of HaveIBeenPwned estimates that it is the second biggest data breach in history.
You would imagine that a database that size must be an accumulation of several previous data breaches, right? Wrong. All the evidence pointed to a single source. Verifications.io, a self-described 'big data email verification platform.'
On their now archived website, Verifications.io claims to help companies 'enhance their email list', 'remove hard bounces' and improve return on investment. But while this all seems above board, this kind of service is also a phishing scammer's dream and has great potential to be misused. As we discussed in our last blog, scammers need verified emails to help them bypass spam filters and evade law enforcement. A service that verifies emails would be a useful shortcut for malware spammers.
What particularly disturbed Diachenko was how detailed some of the profiles were. Data included:
- Email addresses,
- Names,
- Dates of birth,
- Employers
- Job titles,
- Genders,
- Geographic locations,
- IP addresses,
- Phone numbers,
- Physical addresses.
Virtual dj 7 serato skin zip. Verifications.io claimed that they drew data from publicly available sources. Does this imply that personal data online is fair game to be trawled and potentially misused?
Hunt was curious about where exactly Verifications.io mined their data. So he sent out a tweet calling on people who use unique email addresses to see which of their accounts were compromised. Though nothing has been confirmed, respondents variously claimed that their single-use email addresses for Adobe, LinkedIn and Deluxe Check Company, LinkedIn, and TechNet Magazine were implicated.
Now is a good time to reflect on how much of your data there could be out there. Every online subscription, eCommerce store, or online service you have ever signed up for has the potential to be mined. Within your company, which highly visible people could be targeted by hackers and malware spammers? It should be of great concern that Verifications.io can operate above board despite selling our sensitive data to be used far beyond the context in which the data was obtained. It is, of course, even more worrying that the data breach exposed this information to the general public.
This is the new reality of life online, and it won't change any time soon. The onus is on us to actively protect ourselves, and that starts by understanding what a hacker would see if they came looking at your company.
Nearly 1 Billion Email Accounts Exposed in Mega Breach of Verifications.io DatabaseAn email validation company that allowed marketers to verify the accuracy of their lists has leaked a massive amount of email accounts and additional Personally Identifiable Information (PII), in one of the largest data breaches ever recorded.
Cybersecurity researcher Bob Diachenko discovered an unsecured database that contained 982 million email accounts, paired with additional PII including people’s names, gender, dates of birth, employers, and home addresses. He then traced the source of the database back to the company Verifications.io, which has since removed the database, shut down their website, and apparently ceased to exist. The database of information could be accessed by anyone who knew where to look — no sophisticated hacking skills necessary.
Has Your Data Been Breached?
What’s disturbing about this latest mega breach is that no one, including security researchers, knows how it got there. Even fewer people have probably heard of the company involved.
When cybercriminals get their hands on a database of emails and other personal information as large as this, it’s a feeding ground to launch phishing attacks and other campaigns that can lead to identity theft and fraud. Install kangaroo for grasshopper. All it takes is two pieces of PII for a bad actor to commit synthetic identity theft, resulting in your information being used to open new bank or credit accounts, commit tax fraud, or even obtain health insurance.
The time to protect yourself, your family, and your employees is now with the industry’s best identity theft protection. Get started with a Free Trial of IdentityForce.
Steve Turner
Steve, former Chief Information Security Officer (CISO) at Sontiq, the parent company of the IdentityForce, Cyberscout, and EZShield brands, has over 30 years of extensive experience managing security teams and continuous improvement initiatives around the security of IT systems, including disaster recovery, security, and PCI Compliance.
See All of Steve Turner's Posts
Identity Protection is a Tax Benefit
A new IRS ruling recognizes employer paid ID theft protection as a non-taxable, nonreportable benefit.
You can deduct this cost when you provide the benefit to your employees.
Download the IdentityForce App Today
IdentityForce has been protecting government agencies since 1995.Tweets by IdentityForce
Questions?
Call 1-877-694-3367Send us an emailLive ChatProtect What Matters Most.™IdentityForce is a leading provider of proactive identity, privacy and credit protection for individuals, businesses, and government agencies.
Subscribe to our Newsletter for Identity Theft Updates:
Thank you for signing up.