Verifications.io Database

On 25 February 2019 security consultant Bob Diachenko discovered an enormous database of emails and other personal information. The database was not password-protected and available to anyone with an internet connection.

  1. Verifications.io Database Leak Download
  2. Verifications Io Breach Download

Verifications.io is an email verification and marketing company that led to the exposure of one of its clients (MongoDB) database to the public. Importing ecoinvent database in ecospold format for mac.

Verifications.io Database Leak Download

Diachenko worked quickly to figure out the extent of this data breach and found that it contained 763 million records. According to his blog, it is 'perhaps the biggest and most comprehensive email database [he has] ever discovered'. Troy Hunt of HaveIBeenPwned estimates that it is the second biggest data breach in history.

You would imagine that a database that size must be an accumulation of several previous data breaches, right? Wrong. All the evidence pointed to a single source. Verifications.io, a self-described 'big data email verification platform.'

On their now archived website, Verifications.io claims to help companies 'enhance their email list', 'remove hard bounces' and improve return on investment. But while this all seems above board, this kind of service is also a phishing scammer's dream and has great potential to be misused. As we discussed in our last blog, scammers need verified emails to help them bypass spam filters and evade law enforcement. A service that verifies emails would be a useful shortcut for malware spammers.

  1. Verifications.io provides enterprise email validation – a way for marketers to check that email addresses on their mailing lists are valid and active before sending marketing emails. This time the email validation service Verifications.io has leaked a large database containing personal and sensitive records of more than 2 billion individuals.
  2. Verifications.io Database Leak Download Verifications Io Data Breach Look Up Search After researching more about Verifications.io online and comparing the information that was publicly available in the database we have come to the following conclusions.
  3. 3/11/2019 In February 2019, a publicly accessible mongo database with no password for verifications.io was discovered. It is legal to download any and everything on that public database.
  4. May 31, 2021 In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed.

What particularly disturbed Diachenko was how detailed some of the profiles were. Data included:

Employment verification database
  • Email addresses,
  • Names,
  • Dates of birth,
  • Employers
  • Job titles,
  • Genders,
  • Geographic locations,
  • IP addresses,
  • Phone numbers,
  • Physical addresses.

Verifications.io claimed that they drew data from publicly available sources. Does this imply that personal data online is fair game to be trawled and potentially misused?

Hunt was curious about where exactly Verifications.io mined their data. So he sent out a tweet calling on people who use unique email addresses to see which of their accounts were compromised. Though nothing has been confirmed, respondents variously claimed that their single-use email addresses for Adobe, LinkedIn and Deluxe Check Company, LinkedIn, and TechNet Magazine were implicated.

Now is a good time to reflect on how much of your data there could be out there. Every online subscription, eCommerce store, or online service you have ever signed up for has the potential to be mined. Within your company, which highly visible people could be targeted by hackers and malware spammers? It should be of great concern that Verifications.io can operate above board despite selling our sensitive data to be used far beyond the context in which the data was obtained. It is, of course, even more worrying that the data breach exposed this information to the general public.

Verifications Io Breach Download

This is the new reality of life online, and it won't change any time soon. The onus is on us to actively protect ourselves, and that starts by understanding what a hacker would see if they came looking at your company.