Information on 1.2 billion people uncovered in massive data leak
.jpg)
Four billion records on 1.2 billion people were found on an unsecured Elasticsearch server. Researchers Bob Diachenko of SecurityDiscovery and Vinny Troia of Data Viper found the four terabyte data trove amasses from four billion user accounts.
"A total count of unique people across all datasets reached more than 1.2 billion people, making this one of the largest data leaks from a single source organisation in history. The leaked data contained names, email addresses, phone numbers, LinkedIn and Facebook profile information," wrote Vinny Troia.
"What makes this data leak unique is that it contains data sets that appear to originate from two different data enrichment companies."
The discovered Elasticsearch server containing all of the information was unprotected and accessible via web browser at http://35.199.58.125:9200. No password or authentication of any kind was needed to access or download all of the data, wrote Troia.
That so much information can be concentrated in one place and moved around so easily is the blessing and the curse of the information age, commented Jonathan Knudsen, senior security strategist at Synopsys.
"It takes only one bad decision by one person to result in massive data exposure. Organisations worldwide should respond by finding out where they keep their data, how that data is being transferred, how long it is kept and why, and what protections are in place," he said.
The type of data exposed is not sensitive in nature, but it can be gold dust for an attacker, said Keith Geraghty, solutions architect at Edgescan.
"The data will allow for large scale phishing campaigns against users. The attack path will likely be the usual methods of delivery such as emails, profile impersonations and scam phone calls. Also we may see widespread brute force attempts made on applications which use email as the method of login," he warned.
Accidental exposure of data in the cloud continues to be one of the leading causes of data breaches, and it happens with cloud service providers and with all types of SaaS applications, said Ray Canzanese, threat research director at Netskope.
According to Canzanese, these generally stem from three underlying issues:
First, there are a lot of cloud apps out there. Understanding how to manage identity and access in all of the apps you use is very challenging, especially for the more complex ones.
Second, it is hard to know when you have made a mistake. Cloud apps don’t understand your intentions or whether you didn’t intend to share that internal report with the world, or that this port should have been exposed to a much smaller IP address range.
Third, cloud apps have largely placed access control in the hands of the user, which magnifies the first two challenges. Many users don’t understand how to manage identity and access in all of the apps your enterprise uses – both sanctioned and unsanctioned. Most organisations don’t have any controls in place to check to see whether they have made any mistakes, and often it takes just one person to make a mistake.
"The question is just how motivated and dedicated your adversary is. All they have to do is find the exposure. This is one of the key challenges that security vendors are working to solve today – how to make it easier to configure and audit access to prevent the mistakes that lead to data breaches," said Canzanese.
"Once again the People Data Labs breach is a win for the black market and underground crime syndicates, as a treasure trove of personal information is available to criminals," said Sam Curry, chief security officer at Cybereason.
"Over the years, hundreds of billions of online accounts have been exposed, meaning that personal information on every human on the face of the earth has been stolen 20x or more."
source scmagazineuk
Industry: Cyber Security
Latest Jobs
-
- Senior Client Microsoft Security Delivery Consultant - Hybrid (London | Remote)
- London
- N/A
-
Senior Client Microsoft Security Delivery Consultant - Hybrid (London | Remote) We are seeking an experienced technical Security Consultant to help clients deploy and enhance their cyber defences across Microsoft and vulnerability management technologies. You will work with enterprise customers to deliver tailored solutions across threat detection, endpoint protection and exposure management, ensuring security platforms are efficient, integrated and aligned with operational goals. Whilst you won't do the design yourself- you will work alongside technical Presales to document, agree and then deliver the solution. You will have experience leading delivery the implementation and improvement projects, providing hands-on support with configuration, integration and optimisation. You will assess existing environments, recommend enhancements and guide clients on best practice to strengthen visibility and control. Strong experience with SIEM, XDR and vulnerability tooling (Microsoft & Tenable ecosystems ideal) Understanding of Azure security, identity and access controls Background in consulting or project-based cyber delivery Clear communication skills with the ability to engage senior stakeholders Extra points if you have the SC-100. You must be eligible to achieve UK Security Clearance to be considered for this role.
-
- Account Director | Cyber Security Consulting | UK - South East
- London
- N/A
-
Account Director | Cyber Security Consulting - Financial Services | UK - South East. New Role due to Growth We are looking for an experienced Account Director to develop and expand existing relationships across the financial services sector, working with investment firms, asset managers, private equity groups and strategic partners to deliver intelligent cyber consulting and a bespoke Cyber product offerings. You will act as a trusted advisor, helping organisations strengthen digital resilience, manage third-party and regulatory risk and adopt a proactive approach to cyber assurance. Key Responsibilities Manage a defined portfolio of financial clients, understanding business priorities and aligning tailored cyber solutions. Drive new client engagement while nurturing existing partnerships through a consultative, long-term approach. Present the benefits of advanced cyber services including threat intelligence, vulnerability management, incident readiness, and continuous risk monitoring. Collaborate with technical and delivery teams to ensure smooth engagement from proposal through to implementation and ongoing support. Prepare proposals, negotiate commercial terms, and clearly articulate value and business outcomes. Build trusted relationships at senior and board level. Ideal Profile Strong background in cybersecurity, consulting, or risk management within financial services. Skilled communicator with proven success managing and growing key accounts. Able to translate complex technical insight into commercial and strategic value for clients. Confident engaging with senior stakeholders and decision makers. Please note: Sponsorship is not available.
-
- SOC Analyst- Level 2- Hybrid Greater London
- London
- N/A
-
SOC Analyst- Level 2- Hybrid Greater London New opportunity created through continued growth. We’re looking for a SOC Analyst (Level 2) to strengthen a growing managed security team. You’ll work hands-on with Microsoft Sentinel and Defender XDR, investigating alerts, responding to incidents, and helping improve how clients stay protected. This role is ideal for someone who enjoys unravelling security events, thinking critically under pressure, and making a real difference day to day. What you’ll do · Investigate and respond to security activity across SIEM and endpoint tools · Analyse network and log data to uncover real threats · Support automation initiatives to streamline response processes · Help maintain visibility, data flow, and performance across SOC platforms What you’ll need · Practical experience using Microsoft Sentinel and Defender XDR · Confident working with KQL or similar query languages · Understanding of attacker tactics and response techniques · SC-200 certifications would be nice. · Experience supporting multiple customer environments Please note: Sponsorship is not available.
-
- Senior SOC Engineer - UK - New role due to growth
- London
- N/A
-
Senior SOC Engineer – New role due to growth We are hiring a Senior SOC Engineer to take the lead across security operations for a growing managed service. You will lead detection, response and onboarding activity across multiple clients, helping shape how the SOC evolves. Expect variety; from fine-tuning alerts and threat hunting to supporting customers and mentoring junior analysts. What you’ll bring · Strong experience across SIEM, EDR, and threat detection tools · Confident working with customers in a managed service environment · Skilled in scripting or query languages such as KQL or PowerShell · Knowledge of frameworks like NIST, ISO27001, MITRE ATT&CK · Calm communicator with a problem-solving mindset · Experience with Azure Lighthouse or delegated access models · Prior involvement in automation or SOC improvement projects Location: South East England- Hybrid role Please note: Sponsorship cannot be offered now or in the future.