The breach was spotted accidentally when a security expert logged into an “email validation” firm’s website, and, having passed the verification stage, woke up to the fact that he had gained access to unknown people’s personal details.
Security researchers have discovered that the email addresses of roughly 982 million people have been leaked in what has been billed one of the “biggest and most comprehensive email database” breaches in history.
After an “email validation” firm called Verifications.io appeared to have breached the aforementioned personal details online, including other types of vital information, like customers’ names, gender, and birthdays, its website was shortly taken down.
“This is perhaps, one of the biggest and most comprehensive email databases I have ever reported”, Bob Diachenko, one of the security researchers who first spotted the leak, wrote in a blog post. He discovered the overwhelming breach after he complied with the verification procedure on the website just to find that the vast amount of emails on it “were publicly accessible for anyone with an internet connection”.
“Some of data was much more detailed than just the email address and included personally identifiable information”, he went on to say in his post.
The said firm, Verifications.io, has so far declined to comment on the issue. In the meantime, Diachenko wrote to the shady entity’s support team that he had exposed the huge data breach on its website, but was told in response that the information featured there was “public”. However, shortly afterwards the firm’s website disappeared into thin air, having removed all its traces.
While it is not yet known whether the breached data was accessed by any criminals, there is one positive thing about the whole matter: no passwords or credit card details were leaked on the database, which rules out illegal financial schemes.