Forwarded from BlackBox (Security) Archiv
Huge, mysterious list appears online of where people met, personal information and more of tens of millions
'There's nothing you nor I can do about it,' notes security expert
A huge data dump includes the personal information of tens of millions of people and where they have met β and its origin is a mystery.
The breach includes almost 90GB of people's personal data, including details of where they have been and met people.
But there is no clue where the information has actually come from in the first place.
Though the information has been hosted publicly, and available to anyone, there is no hint about where it was first collected from.
The dump includes listings of individual people, including information on their social media sites, phone numbers and addresses. Unusually, however, it also includes details about where people have met, and information about where the people listed within the dump may know each other from.
As such, it appears that the data was probably collected from CRM, or customer relationship management, software. Users presumably took down a contact's personal information as well as a note about where they had met them to remember in future, and recorded it in a piece of software, which has since been breached.
But Troy Hunt, who tracks such data breaches and runs the website HaveIBeenPwned.com to allow users to check if they have been caught up in them, said that he had been unable to find any clue about what that software might be or how it had become public.
"Nowhere β absolutely nowhere β was there any indication of where the data had originated from," he wrote in a blog post announcing the find.
ππΌ Read more:
https://www.independent.co.uk/life-style/gadgets-and-tech/news/data-dump-personal-information-breach-crm-a9515931.html
https://www.troyhunt.com/the-unattributable-db8151dd-data-breach/
#leak #breach #CRM
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
'There's nothing you nor I can do about it,' notes security expert
A huge data dump includes the personal information of tens of millions of people and where they have met β and its origin is a mystery.
The breach includes almost 90GB of people's personal data, including details of where they have been and met people.
But there is no clue where the information has actually come from in the first place.
Though the information has been hosted publicly, and available to anyone, there is no hint about where it was first collected from.
The dump includes listings of individual people, including information on their social media sites, phone numbers and addresses. Unusually, however, it also includes details about where people have met, and information about where the people listed within the dump may know each other from.
As such, it appears that the data was probably collected from CRM, or customer relationship management, software. Users presumably took down a contact's personal information as well as a note about where they had met them to remember in future, and recorded it in a piece of software, which has since been breached.
But Troy Hunt, who tracks such data breaches and runs the website HaveIBeenPwned.com to allow users to check if they have been caught up in them, said that he had been unable to find any clue about what that software might be or how it had become public.
"Nowhere β absolutely nowhere β was there any indication of where the data had originated from," he wrote in a blog post announcing the find.
ππΌ Read more:
https://www.independent.co.uk/life-style/gadgets-and-tech/news/data-dump-personal-information-breach-crm-a9515931.html
https://www.troyhunt.com/the-unattributable-db8151dd-data-breach/
#leak #breach #CRM
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
The Independent
Huge, mysterious list appears online of where people met, personal information and more of tens of millions
A huge data dump includes the personal information of tens of millions of people and where they have met β and its origin is a mystery. The breach includes almost 90GB of people's personal data,