[BreachExchange] vpnMentor report discovers 63 million users information in data leak

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Wed Aug 4 11:30:44 EDT 2021


https://techaeris.com/2021/08/04/vpnmentor-report-discovers-63-million-users-information-in-data-leak/

vpnMentor released a report today that shows a data leak that exposed 63
million American citizens. The data leak comes from the lead-generating B2B
company OneMoreLead. According to vpnMentor, OneMoreLead stored its user
data in an unsecured database that was left wide open. This resulted in
names, email addresses, and workplace information being accessible to
everyone on the internet.

Thankfully, it doesn’t appear that hackers or bad actors actually found the
unsecured database but had they, it could have been a huge problem for
millions of users. Here’s a summary of this data leak discovery provided by
vpnMentor:

Company: OneMoreLead
Industry: B2B Sales and Marketing SAAS
Size of data in gigabytes: 34 GB
Suspected no. of records: 126 million
No. of people exposed: 63-126 million (depending on duplicates)
Date range/timeline: The data was uploaded on 10th April 2021. The date of
its origin before this is unknown.
Geographical scope: USA
Types of data exposed: PII data
Potential impact: Fraud; identity theft; phishing
Data storage format: ElasticSearch

vpnMentor discovered the data leak on April 16th, 2021, and contacted
OneMoreLead to inform them of the leak on April 20th, 2021. OneMoreLead
contacted Amazon Web Services (AWS), apparently their host, on April 20th,
2021, and took action to close the leak on April 21st, 2021. Here’s what
vpnMentor had to say in their official press release.

"Understanding a breach and its potential impact takes careful attention
and time. We work hard to publish accurate and trustworthy reports,
ensuring everybody who reads them understands their seriousness.

Furthermore, some affected parties deny the facts, disregarding our
research or playing down its impact. So, we need to be thorough and make
sure everything we find is correct and accurate.

In this case, vpnMentor’s cybersecurity team discovered the database during
a routine research project. We quickly identified OneMoreLead as the
database’s owner. However, the origins of the data, or how it ended up in
OneMoreLeads’ hands, remain unknown.

The company is new, with no known clients and an unfinished website. So,
it’s unlikely they collected data from 126 million people since opening in
2020 – unless the people behind OneMoreLead were working on a similar
business previously.

Furthermore, the exposed data bears an uncanny resemblance to a leak
originally connected to the German B2B marketing company Leadhunter in
2020. (Leadhunter denied responsibility for the leak at the time, and
researchers couldn’t confirm a link.)"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210804/8132c95f/attachment.html>


More information about the BreachExchange mailing list