Data Breach: 763 million unique email address exposed
What data was compromised:
Dates of birth, Email addresses, Employers, Genders, Geographic locations, IP addresses, Job titles, Names, Phone numbers, Physical addresses
In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed. Many records within the data also included additional personal attributes such as names, phone numbers, IP addresses, dates of birth and genders. Thankfully no passwords were included in the data. The Verifications.io website went offline during the disclosure process, although an archived copy remains viewable.
It is highly likely that your email address and other personal info was compromised in this breach. To verify if your email address has been part of a data breach we recommend that you go to haveibeenpwned.com. So if your information has “beenpwned”, what do you do?
- First step: Don’t panic.
- Second step is to make a note of what type of data was reported as being leaked and from what sources. Some times the leak comes from an individual online service (e.g. Facebook, Linkedin, etc) If this is the case then it’s more straight forward.
- Third step is to change the password on that account and check your privacy settings.
- Fourth step is to change the password anywhere else you may have used the same one. To check to see if a password you have used is on a known breached password list go here: haveibeenpwned.com/Passwords
Image Credit: www.blogtrepreneur.com – Source Credit: haveibeenpwned.com