Security researchers have discovered a massive database that contains the personal information of over 63 million Americans. The Elasticsearch database was totally unsecured and exposed sensitive information such as names and addresses. This trove of data was exposed on the Internet to anyone who could find it. It’s not known if anyone did.
The Elasticsearch database was discovered by the team at vpnMentor led by Noam Rotem and Ran Locar.
It was later traced back to OneMoreLead, which claims on its website to have a massive database of over 40 million verified B2B prospects.
The exposed database included around 126 million records. According to the company, the number of people affected could be at least 63 million, depending on how many duplicates there are.
The information contained in the leaked documents included names, job titles, home and work email addresses, phone numbers, home IP addresses, and more.
“The database contained detailed personal information about tens of millions of people — everything from their job title to their home IP address,” vpnMentor said. “Cybercriminals could easily use this information to pursue financial fraud against everyone exposed. Simultaneously, they could use the information to build effective phishing campaigns, posing as a person’s employer, the government, and other trusted organizations.”
Many of the emails the research team viewed had .gov suffixes or belonged to individuals likely working for the New York Police Department.
Private data from members of the police and government is a goldmine for hackers.
Since the company is new, it is unclear where the information came from, vpnMentor researchers said.
“The company is new, with no known clients and an unfinished website. So, it’s unlikely they collected data from 126 million people since opening in 2020 — unless the people behind OneMoreLead were working on a similar business previously.”
Researchers think the data may have been collected from a previous 2020 leak:
“Furthermore, the exposed data bears an uncanny resemblance to a leak originally connected to German B2B marketing company Leadhunter in 2020. Leadhunter denied responsibility for the leak at the time, and researchers couldn’t confirm a link.”
OneMoreLead secured the database the day after it was informed about the issue.
Security issues like this can be easily avoided by following a few simple steps. These include proper access rules, securing servers, and never exposing a system that requires authentication to the Internet.