In one of the biggest breaches in recent history, data from more than 1.2 billion individuals has been leaked online. It stems from a publicly available server which pulled its data from a pair of so-called data enrichment companies — People Data Labs and oxydata — that aggregate personal information on millions of individuals and sell it to customers. The firms in question can't explain how the data got there.
The leaked data consists of names, email addresses, phone numbers, and LinkedIn and Facebook profile information, including job history data. It stems from a total of 4 billion individual data sets stored on 4TB of storage. Security research firm Data Viper exposed that the information was available to anyone at http://18.104.22.168:9200, requiring no password or authentication. Its indexes include some starting with pdl and oxy that contain the majority of personal data. Those initials point to the data enrichment companies People Data Labs and oxydata. When asked for comment by Data Viper, they shared that they didn't own the servers.
The indexes were available to anyone with the IP address.
The security researchers couldn't determine who is responsible for the leak since the cloud provider who hosts the server wouldn't share any information on its customer due to privacy reasons (the irony). It's likely that the data stems from a customer of both oxydata and People Data Labs. The information doesn't necessarily have to be outright stolen, the customer might've just stored the data improperly. Of course, that doesn't excuse the behavior in any way and goes contrary to each and every IT security guideline.
To check if you're affected by the breach, head to a service like haveibeenpwned.com and punch in your email address. According to the website, the data leak described in this article is the fourth biggest it ever recorded with information from 622 million leaked (the service only counts email addresses, not all data sets).
- Data Viper