Nearly one billion people’s personal information has been compromised in a massive data breach involving a dubious online marketing company. According to a news report in The Daily Mail, email addresses from 982 million people were listed in what researchers are calling one of the biggest and most comprehensive email data breaches ever. The information that has been compromised includes names, gender, date of birth, employer, details of social media accounts, and even home addresses.
Significant Volume of Information Exposed
Security researchers uncovered the breach in an online database created by Verifications.io, which had no privacy protections in place. The firm essentially offered an “enterprise email validation” service, which allowed other marketing companies to check whether the list of email addresses they have obtained are genuine. Verifications.io took down its website after the data breach was uncovered. Not much is known about who was backing this company. The firm has maintained anonymity because of the dubious tactics it employs.
Passwords and payment card details were not leaked, but other records in the collection included company names, annual revenue figures, company websites, and even personal addresses. Security experts also confirmed that the Verifications.io leak contained unique records that have never been exposed in prior data breaches. The company offered a service to marketers where it would verify whether lists of email addresses were real. Marketing companies tend to contract this work out to third-party verification companies because it can be tedious to do manually.
What to Do If You Have Been Affected
The Daily Mail refers to cybersecurity expert Tory Hunt’s website “Have I Been Pwned” (https://haveibeenpwned.com/) that lets you check whether your email has been compromised as part of any data breaches that have happened. If your email address pops up, it is important that you change your password because you are at a greater risk of being exposed to hack attacks, fraud and other cybercrimes. Hunt also suggests that you enable two-factor authentication.
If you or a loved one has been the victim of a data breach, you may be able to file a class-action lawsuit seeking compensation for the losses you have suffered. For more information, contact an experienced class action lawyer. Companies have a responsibility to ensure that any private or sensitive information they collect from consumers is stored securely.