In what is already being called one of the biggest and most compromising data breaching events in human history, 982 million email accounts and related personal data have been illegally acquired and exposed. It’s presumed by officials and authorities that the responsible party is made up of one or more high caliber cyber criminals with a yet-to-be determined motive. A completely unforeseen unprecedented event, cyber security experts are astonished and appalled by this extreme breach of personal privacy and information. The magnitude of this data breach has instantly reinvigorated the global conversation on digital privacy and protection. Along with the names of nearly one billion email addresses, several categories of personal information have also been compromised. This includes people’s gender, age and date of birth, personal addresses, their employer and even their complete names. Several details of various social media accounts were also released. Fortunately, information such as email passwords or payment card information have not been breached. However, the event itself is still a frightening example of the power of internet hacking and the vulnerability of the average man and woman living in the digital age. The unequivocal source and cause of this data breach has been determined as the now defunct website Verifications.io. Cyber security professionals were quickly able to identify this website as ground zero for this massive hacking event. In response, Verifications.io has completely shut down their domain and is now in the dark. Verifications.io originally presented themselves as an online validation database for marketing research firms. Their main objective was supposedly to function as an email verification enterprise. Marketing companies would use Verifications.io to verify whether the emails in various databases were legitimate. With such confirmation, businesses would have assurance that they were getting into contact with actual people and not bots or other autonomous or malicious accounts. Apparently, all of this seems to have been a smokescreen for a more insidious plan. After taking down their website, the owners of Verifications.io have been dodging or declining all attempts made by authorities and official at making contact. There are a plethora of questions yet to be answered, and so far, no suspects have been identified. The owners of this site remain anonymous and to this day are essentially in hiding. They have presumably covered their tracks, and may never be caught. The ramifications of this gargantuan email breach are vast. While this isn’t the first time a huge email data breach has occurred, it is expected that the near future will hold more situations involving fraud and scams being sent to these addresses. When online data such as email addresses or IP addresses are leaked, the owners in question are at a greater risk of falling victim to an elaborate scam. Spam emails are a lot more harmful than many people realize, and scammers have continuously improved their tactics over the years. Spam emails can include fraudulent versions of PayPal inquiries to verify your account by inputting your email address and password, or other attempts at gaining your bank account or credit card info. What the victims of these scams don’t realize in time is that they result in directly giving your private information to malicious scammers who essentially rob you. Junk mailboxes are not always enough to filter out these fake inquiries. Good practice in an event such as this includes changing your email password as well as any other online password you have (social media, online financial management, etc.). It would also be wise to always check the email address of your received messages to see if it is really an official source. While more severe instances such as them actually logging into your account are rare and unlikely, hundreds of millions of people are at risk of receiving anything from annoying junk, scamming emails or harmful malware. While passwords and payment info were not leaked, many people could still be on the verge of losing a lot of money of they are not aware of what to look out for. All of the breached information in this hacking event was temporarily available for the public to view online before it was taken down by the authorities. It is unknown precisely how much of it was accessed or saved by the perpetrators. Undeniably one of the biggest cyber crimes ever committed, this breach should hopefully make corporate officials and the general public take the issue of online privacy more seriously, and ramp up security measures in response. But we’ll just have to wait and see what comes of it.
*** This is a Security Bloggers Network syndicated blog from CipherCloud CASB+ Platform | Enterprise Cloud Security authored by CipherCloud. Read the original post at: https://www.ciphercloud.com/blog/close-to-one-billion-peoples-emails-leaked-in-one-of-the-biggest-hacking-scandals-ever