Verifications.io has taken down an unprotected MongoDB database found by researchers last week to contain 150GB-worth of plaintext marketing data including 763 million unique email addresses and various corporations’ revenue data.
“This is perhaps the biggest and most comprehensive email database I have ever reported. Upon verification I was shocked at the massive number of emails that were publicly accessible for anyone with an internet connection,” Security Researcher Bob Diachenko wrote in a blog post detailing his find. “Some of data was much more detailed than just the email address and included personally identifiable information (PII).”
Verifications.io, the owner of the database, pitches itself as an “enterprise email validation” provider. “Unfortunately, it appears that once emails were uploaded for verification they were also stored in plain text,” said Diachenko, who said the company took the database offline immediately after he reported it.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.