Spammer database with 1.4 billion email addresses leaked due to backup error
Security researcher Chris Vickery claims to have found a database of 1.4 billion email addresses that was accessible, unsecured, over the internet. The database is said to come from River City Media, which is responsible for a large amount of spam.
In a blog post on the site of his security company MacKeeper, Vickery doesn’t describe exactly how he found the data in January of this year. According to the site CSO Online, with which he shared his findings, the data was leaked via a misconfigured rsync backup. In addition to email addresses, the database often also contains first and last names, IP addresses and physical addresses. According to Vickery, these last two pieces of information make the database particularly valuable, because an IP address can be linked to a physical address.
The researcher says he is overwhelmed by the large amount of data, but claims to have verified several times that it is real data. He did this by approaching acquaintances who appear in the database. His verification attempts revealed that in some cases the database contains outdated information. Vickery goes on to say that it doesn’t appear that the database was built using a web scraper. He suspects that the e-mail addresses ended up in the database through ‘co-registration’, whereby sites share entered personal data with other services, for example via sites that give out ‘free gifts’ in exchange for registration.
In addition to personal data, the backups contain detailed internal information about the River City Media company. The data includes logs of conversations via Hipchat, registration data, accounting records and the partners the company works with. Some data is very recent and dates from January of this year. According to anti-spam organization Spamhaus, River City Media, or RCM, is a company engaged in sending spam, while also carrying out legitimate activities. The leaked data shows that RCM collaborates with several advertising companies, according to CSO Online. The site plans to publish more information about the company based on the data in the near future.
Vickery shared the database of internal data with Spamhaus and the necessary investigative services. Spamhaus added the entire RCM infrastructure to its spam blacklist on Monday.
Screenshot of the RCM database with email addresses, via MacKeeper