VisiCom Services Blog

VisiCom Services has been serving the Rochester Hills area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: 33.7 Millions Records Released to Public Due to Leak of Massive Marketing Database

Alert: 33.7 Millions Records Released to Public Due to Leak of Massive Marketing Database

In recent news, millions of records containing personal information were made available to the public in a sizable data leak, providing potential scammers with plenty of information to utilize in their schemes. These records were all part of a 53 GB database that was available for purchase from Dun & Bradstreet, a business service firm.

The database contained information that could be of great use to hackers and marketers alike, as it outlined corporate data for businesses within the United States, providing professional details and contact information for members at every level of the businesses included.

Dun & Bradstreet released a statement via email in an attempt to remove the firm from any responsibility. According to the firm, there was no evidence of a breach on their systems. The email also pointed out that the leaked data was sold to “thousands” of other companies, and that the leaked data seemed to be six months old. In essence, Dun & Bradstreet’s position was “not our fault.,” and that there was little cause for worry, as the list only contained “generally publicly available business contact data.”

However, not everyone feels that the responsibility for this event can be passed off so easily, especially considering the nature of the data found on the database.

Troy Hunt manages Have I Been Pwned, a data leak alert site that allows a user to reference one of their accounts to determine if their credentials have been compromised. He offered up his own take after reviewing the database for himself. Hunt’s analysis revealed that the organizations with the most records in the database were:

  • The United States Department Of Defense: 101,013
  • The United States Postal Service: 88,153
  • AT&T Inc.: 67,382
  • Wal-Mart Stores, Inc.: 55,421
  • CVS Health Corporation: 40,739
  • The Ohio State University: 38,705
  • Citigroup Inc.: 35,292
  • Wells Fargo Bank, National Association: 34,928
  • Kaiser Foundation Hospitals: 34,805
  • International Business Machines Corporation: 33,412

If this list alarms you, you have the right idea. In his comments, Hunt brought up a few concerns that he had with the contents of the database out in public.

First of all, this list is essentially a guidebook for someone running a phishing campaign. A resourceful scammer could easily use the information contained in this list (including names, titles, and contact information) to create a very convincing and effective campaign. Furthermore, the most common records in the leaked database were those of government officials and employees. Hunt went so far as to mention which personnel records could be found in the database for the Department of Defense: while “Soldier” was the most common, the list also included “Chemical Engineer” and “Intelligence Analyst” entries.

In his response, Hunt asked a very important question: "How would the U.S. military feel about this data - complete with PII [personally identifiable information] and job title - being circulated?" With the very real threat of state-sponsored hacking and other international cyber threats in mind, Hunt brought up the value this list would have to a foreign power that isn’t fond of the U.S.

Finally, Hunt cited the chances of this data being recovered to be at a firm “zero” percent.

In short, despite the reassurances from Dun & Bradstreet, this database going public could present some very real dangers to any businesses included in it.

If you’re worried that your business may be vulnerable, there are two things you should do. First, you should see if your data has been exposed by checking Hunt’s site, Have I Been Pwned. Second, you should reach out to us at VisiCom Services, so we can help keep you secured against threats like this and others. Give us a call at 248.299.0300.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Sunday, 21 October 2018
If you'd like to register, please fill in the username, password and name fields.

Sign Up For Our Newsletter

Powered by ChronoForms - ChronoEngine.com

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Tip of the Week: Tip of the Week: Mirror or Cast Your Android Device’s Screen
14 September 2017
Usually I don't refer spending time like these categories subjects and website but really the blog w...
Tip of the Week: 4 Google Chromecast Features that May Surprise You
05 September 2017
I’m really satisfied to find this site.I need to thank you only for this brilliant read!!I unquestio...
Microsoft OneNote May Be the Best Note-Taking Tool on the Market
27 June 2017
I blog frequently and I really value your substance. The article has really crested my advantage. I ...

Latest Blog Entry

19 October 2018
Visicom Blog
Technology
It is impossible to understate the importance of a server to today’s businesses. We talk a big game as to how important data is, but we don’t often broach the topic of how important it is to ensure th...

Latest News

Contact Us

Learn more about what VisiCom Services can do for your business.

callphone

Call us today    248.299.0300

2534 S Rochester Road
Rochester Hills, Michigan 48307

#