Security researchers have discovered one of the largest data leaks from a single source organisation in history.
On October 16, Bob Diachenko and Vinny Troia discovered a wide open Elasticsearc server containing 4 billion user accounts spanning across over 4 terabytes of data.
Vinny Troia, chief of threat intelligence at Data Viper, wrote that the total amount of unique people across all data sets reached more than 1.2 billion people. The leaked data includes names, phone numbers, email addresses, LinkedIN and Facebook profile information.
The researchers identified that the data sets appear to come from two different data enrichment companies; People Data Labs and OxyData.lo (OXY).
Troia explains that data enrichment companies “allow you to take a single piece of information on a person (such as a name or email address), and expand (or enrich) that user profile to include hundreds of additional new data points of information.”
The Elasticsearch server was unprotected, thus all the information was accessible at http://18.104.22.168:9200. No password or authentication was required to access or download the data.
Based on an analysis, the majority of the data is said to originate from People Data Labs (PDL). However, after notifying the company about the leak, the researchers were notified that the server in question did not belong to them, but rather resided on Amazon Web Services (AWS).
Sean Thorne, co-founder of People Data Labs said: “The owner of this server likely used one of our enrichment products, along with a number of other data enrichment or licensing services. Once a customer receives data from us, or any other data providers, the data is on their servers and the security is their responsibility.”
An analysis of the “Oxy” database uncvered a complete scrape of LinkedIn data includng recruiter information. OxyData also informed the researchers that the server did not belong to them.
It remains unclear as to who left the data exposed on the server.
“This is the first time ever that I’ve seen emails, names and numbers linked with Facebook, Twitter, LinkedIn and Github profiles all in one spot,” said Troia, who describes himself as a cybercrime hunter. “There are no passwords related to this data, but having a new, fresh set of passwords isn’t that exciting anymore. Having all of this social media stuff in one place is a useful weapon and investigative tool.”
The post #Privacy: Data breach exposes over 1 billion records appeared first on PrivSec Report.