Breach exposes at least 58 million accounts, includes names, jobs, and more | Ars Technica

http://arstechnica.com/security/2016/10/breach-exposes-at-least-58-million-accounts-includes-names-jobs-and-more/

2 Comments

  1. Tomi Engdahl says:

    Personal info on more than 58 million people spills onto the web from data slurp biz
    Modern Business Solutions keeping quiet
    http://www.theregister.co.uk/2016/10/13/us_data_aggregator_megabreach/

    A US-based data aggregator that trades people’s personal information with the automotive industry and real estate companies has seemingly spilled the private information of more than 58 million people online.

    A large MongoDB file – which belongs to Modern Business Solutions and containing tens of millions of records – was shared publicly on Twitter. The stolen database features email addresses, names, home addresses, dates of birth and phone numbers. Downloads of the leak have been deleted, but perhaps not before exposing people to increased risk of more convincing phishing emails or attempted ID theft scams.

    Austin-based Modern Business Solutions is yet to publicly acknowledge the breach, first reported by security tools firms Risk Based Security and DataBreaches.net.

    an alert from breach notification site haveibeenpwned.com

    Reply
  2. Tomi Engdahl says:

    Modern Business Solutions Stumbles Over A Modern Business Problem – 58M Records Dumped From An Unsecured Database
    https://www.riskbasedsecurity.com/2016/10/modern-business-solutions-stumbles-over-a-modern-business-problem-58m-records-dumped-from-an-unsecured-database/

    Much has been written about the dangers of poorly secured MongoDB databases among others. Despite the many warnings, millions of records have been lost due to misconfigurations in this database software. Now we have yet another massive database leak has been uncovered related to an insecure MongoDB installation, exposing at least 58 million subscriber records.

    Twitter user @0x2Taylor posted exfiltrated data on the file sharing site MEGA twice over the weekend, each time resulting in the data being taken down very quickly. The data was then released for a third time on a smaller file sharing website. After analyzing the dataset, we can confirm that nearly 58 million records contain full names, IP addresses, dates of birth, email addresses, vehicle data, and occupations were included in the leak.

    While the data itself is easy enough to read, identifying the owner of the database has been more challenging. Nothing within the dumped dataset itself pointed to who might be responsible for the information.

    researchers were able to confirm it was an open MongoDB installation and identify the owner as Modern Business Solutions. Working with Databreaches.net, Modern Business Solutions was contacted and made aware of the issue. Although neither RBS or Databreaches.net have yet received a reply from Modern Business Solutions, the database has since been secured and is no longer accessible.

    Wait, 58M Records Or 258M?!

    Shortly after discovering the ownership, our researchers received a curious update from 0x2Taylor. New information emerged indicating an additional table had been identified, containing 258 million rows of personal data. The data was presented in a similar format as the original leak

    It is unclear how much data from this second table may have been compromised

    Putting The Breach In Context

    There have been 2,928 publicly disclosed data breaches so far this year, exposing more than 2.2 billion records. While 2.2 billion is a big number, RBS research indicates 55% of the breaches taking place in the first half of 2016 exposed 10,000 or less records. Unfortunately, some of the most notable “mega-breach” exceptions have come from misconfigured databases. With so much media attention given to mysterious “Russian hackers” or the more general “state sponsored actors”, it can be easy to lose sight of the fact some of the largest and most damaging breaches have nothing to do with the nebulous “advanced persistent threat”. Rather, they can be attributed to weak controls, poor management practices or under-resourced staff.

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*