Security & Fraud

800M Email Addresses Exposed Online

Data Incorta

A security researcher claims to have discovered a non-password protected MongoDB instance at Verifications IO, marking what Security Discovery called the biggest and most detailed email database it has reported on.  Verifications IO is an email marketing company. The exposed number of records is around 809 million.

According to the report, upon verifying the 150GB sized file that wasn’t password protected, researcher Bob Diachenko wrote it was massive, with tons of emails available to the public and accessible to anyone who was online. Some of the data also included personally identifiable information, noted the report.

In the post the researcher said the data had 808,539,939 records with the biggest portion named “mailEmailDatabase.” The other portions were named Emailrecords, which has  798,171,891 records, emailWithPhone which had 4,150,600 records and businessLeads which 6,217,358 records, noted the report. The records also included email addresses, phone numbers, and addresses. Identifying data such as gender, date of birth, personal mortgage amount, interest rate, social media accounts, and credit score data was also exposed.

“As part of the verification process I cross-checked a random selection of records with Troy Hunt’s HaveIBeenPwned database,” wrote the researcher in the report. “Based on the results, I came to the conclusion that this is not just another ‘Collection’ of previously leaked sources but a completely unique set of data. Although, not all records contained the detailed profile information about the email owner, a large number of records were very detailed.”

The researcher noted in the report that the database was taken down as soon as he sent a notification to the support at the company. “In addition to the email profiles, this database also had access details and a user list of (130 records), with names and credentials to access FTP server to upload / download email lists (hosted on the same IP with MongoDB). We can only speculate that this was not meant to be public data,” Diachenko wrote in the blog.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.