By
Tolu Ajiboye
December 12th, 2019
Researchers have discovered an unsecured server containing 4 terabytes of personal data, including Facebook, Twitter, LinkedIn accounts, exposed and easily accessible online.
For more than ten years, different identity thieves, online hackers, and scammers have formed a black market and traded with other people’s data, account numbers, social security numbers, etc. In October, dark web researcher Vinny Troia discovered a similar package that was just sitting there, exposed and non-secured in any way. And it’s worth mentioning that Facebook users (though not only) have suffered once again.
The block had 4 terabytes of personal info hidden in approximately 1.2 billion records. However, this block didn’t have the most sensitive data as passwords or credit card numbers. Still, it had phone numbers, linked social media profiles, CV’s took from LinkedIn, email addresses, etc.
Troia said this is the first time he saw a single database that had so many social media profiles collected and thinks that the goal of this was impersonating other people. He noted he found this server while looking for displays with his colleague Bob Diachenko on the web scanning services BinaryEdge and Shodan. The IP address guided to Google Cloud Services so it couldn’t be possible to see who actually gathered all these data. However, he reported exposure to contact the Federal Bureau of Investigation but as soon as he did that, someone pulled the server and exposed the data offline.
The three discovered data sets (it was four sets tied together) seem to be coming from San Franciscan data broker dubbed People Data Labs who claims to have data on over 1.5 billion people for sale, including an impressive amount of email addresses, LinkedIn accounts, Facebook accounts and phone numbers.
PDL’s cofounder Sean Thorne stressed that his company doesn’t own this server so it is really not clear how the records got there in the first place.
Sean Thorne said:
“The owner of this server likely used one of our enrichment products, along with a number of other data-enrichment or licensing services. Once a customer receives data from us, or any other data providers, the data is on their servers and the security is their responsibility. We perform free security audits, consultations, and workshops with the majority of our customers.”
Troia thinks that People Data Labs wasn’t hacked since it is pretty easy to buy data from the company. However, it was found something interesting. One of the other data sets is signed “OXY,” and every record in it also contains the word “OXY” that Troia thinks it could mean data broker Oxydata, which claims to have 4 TB of data, including 380 million consumers’ and employees’ in 195 world countries.
Oxydata director of business-to-business sales Martynas Simanauskas, however, claimed Oxydata hasn’t been hacked and that it does use “OXY” label for its records.
Be it as it may, this data exposure is just the latest among Troia’s discoveries. In January this year, Troia found 2.2 billion records shared through hacker forums. In March, Troia and Diachenko found that an email marketing company Verifications.io had left 809 million records publicly accessible.
According to Troia, in the last few years, he built a storage for exposed data to use in scanning and tracking. By March 2018, he consumed 5 billion and today he assembled more than 13 billion.
One of the most shared information was Facebook profile. Facebook suffered a lot of breaches and the last one happened on Monday when it announced that hundreds of their users possibly had their data “improperly accessed” after they used their accounts to log in to certain Android apps. However, this privacy breach didn’t have an effect on the stock price – it closed 0.49% higher on $199.79.
