Email Verification Service Takes Itself Offline After 800 Million Records Get Publicly Exposed
(Mar 8, 2019)
Researchers Bob Diachenko and Vinny Troia discovered a MongoDB database containing over 800 million records that was not password-protected and was publicly accessible over the internet. The database, owned by the email verification company "Verifications.io," contained information including email addresses, names, and phone numbers, as well as individuals' city, date of birth, and gender. According to the website "HaveIBeenPwned," these records appear to be unique and not to have been leaked in previous breaches. The researchers contacted the company, which then took the database offline on March 7, 2019.
Recommendation: Databases should not be directly accessible over, or connected to, the internet. Protect these services with authentication, and do not allow guest or anonymous login. Make sure all user-supplied data is sanitized to prevent SQL injections in web applications that access database data. Actors can use this information to coerce more personal data from the victim. Users should also monitor their credit to make sure that nothing out of the ordinary is happening and that no identity fraud is being committed.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.