DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

That marketing email database that exposed 809 million contact records? Maybe make that two-plus BILLION. (UPDATED: No, don’t. Those claims are not supported)

Posted on March 8, 2019 by Dissent

Update 1:  Vinny Troia contacted me to question DynaRisk’s claims.  He informs this site that he has all four databases,  has all of the data that is in the Dynarisk screenshots,  and there is nowheres near 2 billion records.  So it seems that this questions is unsettled as yet. DataBreaches.net will be contacting Dynarisk.

Update 2: I’ve sent an inquiry to DynaRisk, but more significantly, I found that this leak had first been discovered and reported  prior to Security Discovery’s report. @Cyber_War_News reported finding it in January. In a chat with @Cyber_War_News this morning, he informed me that there were more than four databases and that they were hosted on a number of IP addresses or servers. While he didn’t run a full analysis of the data, he informs me that there were closer to 2 billion records than 800 million, and that he had notified Bob Diachenko of that after Bob’s report appeared.

So for now, it seems like the larger figure is more likely to be correct.

Update 3 and Correction:  DynaRisk never responded to inquiries from this site, and Vinny Troia sent this site additional statistics and directory structure supporting their claim that there are about 809 million records.  As to CWN, I had misunderstood what leak he was talking about. My apologies to everyone involved.


Original post, which I’m tempted to just delete as inaccurate, but will leave it here with the correction above.

Thomas Claburn reports:

An unprotected MongDB database belonging to a marketing tech company exposed up to 809 million email addresses, phone numbers, business leads, and bits of personal information to the public internet, it emerged yesterday.

Today, however, it appears the scope of that security snafu was dramatically underestimated.

According to cyber security biz Dynarisk, there were four databases exposed to the internet – rather than just the one previously reported – bringing the total to more than two billion records weighing in at 196GB rather than 150GB. Anyone knowing where to look on the ‘net would have been able to spot and siphon off the data, without any authentication.

Read more on The Register.

Category: Business SectorExposureOf Note

Post navigation

← Algonquin College faculty union files grievance over data breach
Tufts expelled a student for grade hacking. She claims innocence →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.