Neglecting to password-protect a database backup, an American organization has exposed about 1.37 billion personal account details and email addresses online, ended up in data leaking online which could be seen by anyone poking around. Even the details weren’t secured by username or password.
A data breach hunter with MacKeeper, Chris Vickery, pointed out the issue along with CSOOnline and Spamhaus, the anti-spam group and released the details of the finding.
An outfit River City Media (RCM), run by spammers Alvin Slocombe and Matt Ferris, has leaked the files, Vickery wrote in his findings.
Vickery said the outfit was sending as many as a billion emails every day. However, the outfit claimed it as a legitimate marketing operation.
Some of the documents show how cost-effective spamming could be. A single day of activity that targeted Gmail users with 18 million emails and AOL users with another 15 million is shown by one leaked text. The total take: is around $36,000.
According to Vickery, through research over many years, automation and illegal hacking practices, the goal was achieved.
Microsoft, Apple, and other franchises had been informed of the details of the script and technique. Also, the law enforcement authorities are appraised, Vickery wrote.
One angle people aren't seeing yet to the big DB story– There are *tons* of military email account/full name/IP address combos here.
— Chris Vickery (@VickerySec) March 6, 2017
To ensure that the details are not faked, he looked up the names of certain people in the leaked list so as to authenticate them further.
There were several military email accounts whose IP addresses and full names were also present.
Chris Vickery wrote in detail that it is the initial reaction and natural response to asking about the dataset is it real or not.
“I’m still struggling with the best software solution to handle such a voluminous collection, but I have looked up several people that I know and the entries are accurate,” he further added.
According to him, the only thing saving grace is that some are outdated in these few years and the subject no longer lives in the same location.
The entire structure used by RCM is blacklisted by Spamhaus.
Share this article
About the Author
Zehra Ali is a Tech Reporter and Journalist. She has done her Masters in Mass Communication. Topics related to cybersecurity, IoT, AI, Big Data and other privacy matters are extensively covered by her on various platforms. You can follow her on twitter.More from Zehra Ali
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
Watch Prime Videos With Full Catalog and Unblocked Access Unblocking streaming content from Amazon P...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2021. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interfere w...