Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Customer Data / Spam Operator Suffers Data Breach
Spam E-Mail Operator's Faulty Backup Leaks 1.37 Billion Addresses
Spam E-Mail Operator's Faulty Backup Leaks 1.37 Billion Addresses
By Alex Hern Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
One of the largest spam operations in the world has exposed its entire operation to the public, leaking its database of 1.37 billion email addresses thanks to a faulty backup.

As well as email addresses, the holy grail of the spam operation, personal information including real names, IP addresses and physical addresses have also been leaked, though on a smaller scale than the email information that makes up the bulk of the dataset.

According to security researchers at MacKeeper, the leaked information stems from an operation called River City Media, an email marketing firm that sends up to a billion messages a day to spam filters across the world.

"The situation presents a tangible threat to online privacy and security as it involves a database of 1.4bn email accounts combined with real names, user IP addresses, and often physical address," said MacKeeper's Chris Vickery. "Chances are that you, or at least someone you know, is affected."

Vickery hasn't managed to fully verify the leak, but says he has found addresses he knows are accurate in the database. And the source of the data, a snapshot of a backup made at some point in January 2017, accidentally published to the internet without any password protection, adds more credibility to the leak.

"Well-informed individuals did not choose to sign up for bulk advertisements over a billion times," Vickery says. "The most likely scenario is a combination of techniques. One is called co-registration. That's when you click on the 'Submit' or 'I agree' box next to all the small text on a website. Without knowing it, you have potentially agreed your personal details can be shared with affiliates of the site."

Anti-spam organisation Spamhaus, working alongside MacKeeper and Vickery, has used the information contained in the leak to add River City Media's details to its database, blacklisting the firm's entire infrastructure.

The breach is so large that when Vickery initially reported that he had access to a leaked dataset containing 1.4bn records, India's national government issued a statement denying that it was the source -- the country's federal ID system is one of the few databases in the world containing more than a billion individuals, and speculation ran rampant until Vickery released the actual information.

© 2017 Guardian Web under contract with NewsEdge/Acquire Media. All rights reserved.
Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.