Verifications.io Database

| Posted on by

On 25 February 2019 security consultant Bob Diachenko discovered an enormous database of emails and other personal information. The database was not password-protected and available to anyone with an internet connection.

  1. Verifications.io Data Dump
  2. Verifications.io Database Server
  3. Verifications.io Database Login
  4. Verifications.io Data Breach 2020
Verifications.io DatabaseVerifications.ioDatabase

Diachenko worked quickly to figure out the extent of this data breach and found that it contained 763 million records. According to his blog, it is 'perhaps the biggest and most comprehensive email database [he has] ever discovered'. Troy Hunt of HaveIBeenPwned estimates that it is the second biggest data breach in history.

You would imagine that a database that size must be an accumulation of several previous data breaches, right? Wrong. All the evidence pointed to a single source. Verifications.io, a self-described 'big data email verification platform.'

DatabaseVerifications.io data dump download

May 31, 2021 In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed.

  1. The leaked database also exposes Verifications.io’s internal tools such as SMTP servers, email, spam traps, keywords to avoid as well as IP addresses to blacklist. All in all, heightened vigilance is warranted since throughout 2018 the number of data breaches increased by 424 percent compared to.
  2. Verifications.io unknowingly leaked two billion records in what is now one of the largest data breaches in history. Marketing companies around the world use Verifications.io to gather and collect information on their customers. Unfortunately for the company, the leaked records in their database were not encrypted.

On their now archived website, Verifications.io claims to help companies 'enhance their email list', 'remove hard bounces' and improve return on investment. But while this all seems above board, this kind of service is also a phishing scammer's dream and has great potential to be misused. As we discussed in our last blog, scammers need verified emails to help them bypass spam filters and evade law enforcement. A service that verifies emails would be a useful shortcut for malware spammers.

Verifications.io Data Dump

What particularly disturbed Diachenko was how detailed some of the profiles were. Data included:

  • Email addresses,
  • Names,
  • Dates of birth,
  • Employers
  • Job titles,
  • Genders,
  • Geographic locations,
  • IP addresses,
  • Phone numbers,
  • Physical addresses.

Verifications.io claimed that they drew data from publicly available sources. Does this imply that personal data online is fair game to be trawled and potentially misused?

Verifications.io Database Server

Hunt was curious about where exactly Verifications.io mined their data. So he sent out a tweet calling on people who use unique email addresses to see which of their accounts were compromised. Though nothing has been confirmed, respondents variously claimed that their single-use email addresses for Adobe, LinkedIn and Deluxe Check Company, LinkedIn, and TechNet Magazine were implicated.

Verifications.io Database Login

Now is a good time to reflect on how much of your data there could be out there. Every online subscription, eCommerce store, or online service you have ever signed up for has the potential to be mined. Imovie for mac 10.5.8 download. Within your company, which highly visible people could be targeted by hackers and malware spammers? It should be of great concern that Verifications.io can operate above board despite selling our sensitive data to be used far beyond the context in which the data was obtained. It is, of course, even more worrying that the data breach exposed this information to the general public.

Verifications.io Data Breach 2020

This is the new reality of life online, and it won't change any time soon. The onus is on us to actively protect ourselves, and that starts by understanding what a hacker would see if they came looking at your company.