Advanced searches left 3/3
Search only database of 8 mil and more summaries

People Data Labs

Summarized by PlexPage
Last Updated: 02 July 2021

* If you want to update the article please login/register

General | Latest Info

People Data Labs

Twitter@peopledatalabs
Facebookpeopledatalabs

For well over a decade, identity thieves, phishers, and other online scammers have created a black market of stealing and aggregating consumer data that they use to break into people's accounts, steal their money, or impersonate them. In October, dark web researcher Vinny Troia found one such trove sitting exposed and easily accessible on an unsecured server, comprising 4 terabytes of personal informationabout 1. 2 billion records in all. While the collection is impressive for its sheer volume, data doesn't include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated Social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scrapped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses. It bad that someone had this whole thing wide open, Troia say. This is the first time I 've seen all these social media profiles collected and merged with user profile information into a single database on this scale. From the perspective of the attacker, if the goal is to impersonate people or hijack their accounts, you have names, phone numbers, and associate account URLs. That's lot of information in one place to get you start. Troia found the server while looking for exposures with fellow Security researcher Bob Diachenko on web scanning services BinaryEdge and Shodan. The IP address for the server was simply traced to Google Cloud Services, so Troia doesn't know who amass data store there. He also has no way of knowing if anyone else found and download data before he does, but notes that the server was easy to find and access. Wire checked six people's personal email addresses against a data set; four were there and returned accurate profiles. Troia reported exposure to contacts at Federal Bureau of Investigation. Within a few hours, he say, someone pulled server and expose data offline. The FBI declined to comment for this story. The data Troia discovered seems to be four data sets cobbled together. Three were label, perhaps by the server owner, as coming from a data broker based in San Francisco called People Data Labs. Pdl claims on its website to have data on over 1. 5 billion people for sale, including almost 260 million in the US. It also touts more than a billion personal email addresses, more than 420 million LinkedIn URLs, more than a billion Facebook URLs and IDs, and more than 400 million phone numbers, including more than 200 million valid US cellphone numbers. Pdl cofounder Sean Thorne says that his company doesn't own servers that host exposed data, assessment Troia agrees with based on his limited visibility. It's also unclear how records got there in the first place. Owner of this server likely uses one of our enrichment products, along with a number of other Data - enrichment or licensing services, said Sean Thorne, cofounder of People Data Labs.

* Please keep in mind that all text is machine-generated, we do not bear any responsibility, and you should always get advice from professionals before taking any actions.

* Please keep in mind that all text is machine-generated, we do not bear any responsibility, and you should always get advice from professionals before taking any actions

How alarming is the situation?

Data sleuth extraordinaire Bob Diachenko is AT IT again. His latest discovery: collection of profiles that contain detailed information on staggering 1. 2 billion individuals. As is often the case with leaks Diachenko tracks down, this latest example was traced back to an unsecured Elasticsearch server. Information stores in databases appear to belong to two different companies, both of which operate completely legitimate data aggregation businesses. One source was People Data Labs, which bills itself as source of truth for people's data. Pdl boasts that its profiles offer unparalleled coverage across over 150 data points. The other was Oxydata. Io, company that provides in - depth data on people and companies. Oxydata has aggregate data on more than 380 million people and some 14 million companies. Diachenko and his colleague Vinny Troia compared samples from expose Data to profiles provided by both PDL and Oxydata. Both were nearly perfect matches. According to the Troia report, his own Oxydata record seems to contain a fairly complete copy of information from his LinkedIn profile. His PDL profile was even more detailed. It even contains a 10 - year - old phone number hed been assigned as part of AT & T bundle but never actually used. Researchers contacted both companies and both claimed that servers leaking databases do not belong to them. Assuming that is true, that makes this leak even more alarming. This is the reality we face heading to 2020. Scores of legitimate companies are harvesting data about the US from sources all over the Internet. They combine that data to form incredibly detailed profiles of the US and then sell or share those profiles with other companies. Data flows like water. And IT keeps getting spill. At 1. 2 billion records, Troia notes that this is one of largest leaks weve ever witness. We may never learn who IT was that compiled both companies ' data into single database and then left IT expose. Even if we do, Troia notes that there may be very little that could be done. Data enrichment companies are still largely unregulated and legal protections for our personal data are sadly lacking. Until that changes, best we can do is change email addresses and phone numbers. And perhaps create new Facebook, Twitter or LinkedIn accounts from scratch. When IT feels like your data will just get leaked again, though. Many victims might wonder why they should even go through trouble.

* Please keep in mind that all text is machine-generated, we do not bear any responsibility, and you should always get advice from professionals before taking any actions.

* Please keep in mind that all text is machine-generated, we do not bear any responsibility, and you should always get advice from professionals before taking any actions

Sources

* Please keep in mind that all text is machine-generated, we do not bear any responsibility, and you should always get advice from professionals before taking any actions.

* Please keep in mind that all text is machine-generated, we do not bear any responsibility, and you should always get advice from professionals before taking any actions

logo

Plex.page is an Online Knowledge, where all the summaries are written by a machine. We aim to collect all the knowledge the World Wide Web has to offer.

Partners:
Nvidia inception logo

© All rights reserved
2021 made by Algoritmi Vision Inc.

If you believe that any of the summaries on our website lead to misinformation, don't hesitate to contact us. We will immediately review it and remove the summaries if necessary.

If your domain is listed as one of the sources on any summary, you can consider participating in the "Online Knowledge" program, if you want to proceed, please follow these instructions to apply.
However, if you still want us to remove all links leading to your domain from Plex.page and never use your website as a source, please follow these instructions.