- Researchers found an unprotected 16TB MongoDB database that revealed nearly two billion PII-filled records
- Data likely scraped from LinkedIn and Apollo.io, linked to a possible lead-gen business
- The database was secured after publication, but the duration of exposure and malicious access remain unknown
More than 16 terabytes of professional and corporate intelligence data, including personally identifiable information (PII), sat in an unprotected database, accessible to anyone who knew where to look.
This is according to cybersecurity researchers at Cybernews, who found the database and described it as “one of the largest lead-generation datasets ever leaked.”
Despite the risks and disruptive potential, unprotected databases remain one of the most common causes of data breaches. In this case, the researchers found a MongoDB database with nearly 4.3 billion documents.
Personally Identifiable Information
The documents were divided into nine collections, labeled “intent”, “profiles”, “people”, “sitemap” and “companies” – among others. This structure led the researchers to believe that the database was likely scraped, possibly from LinkedIn and Apollo.io (an AI sales platform).
Of the nine collections, at least three contained personally identifiable information. These collections, containing nearly two billion files, revealed people’s names, emails, phone numbers, LinkedIn URLs and profile handles, job titles, employers, employment history, education, degrees and certifications, location data, languages, skills, features, social media accounts, image URLs, email trust scores, and Apollo IDs.
One of the collections also had people’s photographs. All of the disclosed PII puts users at serious risk of identity theft or fraud.
Cybernews says it could not attribute the database to a specific entity beyond a reasonable doubt, but said it found clues pointing to a lead generation company.
“The company helps businesses find and connect with potential customers and provides access to a large-scale B2B database of leads that are highly correlated with the type of information included in the exposed database,” the report said. The researchers reached out to that company, and although they did not get confirmation of ownership, the database was locked two days later.
It’s also unknown how long the instance remained open or if a malicious actor had access to it before, but it’s certainly possible.
Via Cyber news
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
