Steve Ragan reports:
Full data enrichment profiles for more than 200 million people have been placed up for sale on the Darknet. The person offering the files claims the data is from Experian, and is looking to get $600 for everything.
Details of this incident came to Salted Hash via the secure drop at Peerlyst, where someone uploaded details surrounding the sale and the data. The data was first vetted by the technical review board at Peerlyst, who confirmed its legitimacy. Once it was cleared by the technical team, a sample of the data was passed over to Salted Hash for additional verification and disclosure.
Read more on Salted Hash. Note that this is the same database/situation that DataBreaches.net reported on last week, after it was first reported by HackRead. DataBreaches.net’s report had included Experian’s denial that the data were hacked from their system. They apparently have sent Steve the same statement.
Attribution aside (and yes, figuring out who got compromised is important), the fact that so much information about over 200 million people is in the wild should concern everyone. Not all of the data will be accurate, but much of it will be, and that poses a variety of risks, as Steve appropriately notes. Do read his article to find out more about the more than 80 types of information in this database.