It’s no secret that technological advancements and online threats are directly proportional to each other. So now more than ever, it’s imperative that users prioritize the security of their digital presence, especially in the face of advanced malware attacks and massive data leaks. Speaking of the latter — less than two months after the Collection #1 data breach exposed 773 million email addresses, it seems we have another massive data dump in our midst. Last week, researchers discovered a 150-gigabyte database containing 809 million records exposed by the email validation firm, Verifications.io.
You may be wondering how Verifications.io had so much data left to be exposed. Most people have heard of email marketing, but very few realize that these companies often vet user email addresses to ensure their validity. Enter Verifications.io. This company serves as a way email marketing firms can outsource the extensive work involved with validating mass amounts of emails and avoid the risk of having their infrastructure blacklisted by spam filters. Verifications.io was entrusted with a lot of data provided by email marketing firms looking to streamline their processes, creating an information-heavy database.
This unusual data trove contains tons of sensitive information like names, email addresses, phone numbers, physical addresses, gender, date of birth, personal mortgage amounts, interest rates, social media accounts, and characterizations of people’s credit scores. While the data doesn’t contain Social Security Numbers or credit card information, that amount of aggregated data makes it much easier for cybercriminals to run new social engineering scams or expand their target audience. According to security researcher Troy Hunt, owner of HaveIBeenPwned, 35% of the data exposed by Verifications.io is new to his database. With that said, it was the second largest data dump added in terms of email addresses to Hunt’s website, which allows users to check whether their data has been exposed or breached.
Upon discovery, the firm was made aware of the incident. And while proper security measures were taken, users can take various steps themselves to protect their information in the event of largescale data exposure. Check out the following tips:
Verifications.io Data Dump
- Verifications.io unprotected database leaks 800+ million email addresses. This person is a verified professional.
- Verifications.io Database Leak Download Data breaches by the dozens happen every day. Cybercriminals are constantly coming up with new ways to access databases loaded with sensitive information they can sell on the dark web or use for future attacks.
Mar 10, 2019 Although the databases were accessible for some time, as soon as the problem was disclosed to Verifications IO the service was taken offline and remains so. Which means that bad guys alerted. Verifications.io Database Download Software The more than 4 terabytes of data was discovered by security researchers from Data Viper. Unlike other troves, this simple database didn’t hold user names and passwords, but personal data, such as names, email addresses, phone numbers, LinkedIn, and Facebook profiles, scrapped off the Internet.
- Be vigilant when monitoring your personal and financial data. A good way to determine whether your data has been exposed or compromised is to closely monitor your online accounts. If you see anything fishy, take extra precautions by updating your privacy settings, changing your password, or using two-factor authentication.
- Use strong, unique passwords. Make sure to use complex passwords for each of your individual accounts, and never reuse your credentials across different platforms. It’s also a good idea to update your passwords on a consistent basis to further protect your data.
And, of course, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.
It isn’t often that our data validation industry makes it into the mainstream media. But this week, it was rocked by a story in Wired Magazine, where two security researchers discovered that the email validation firm, Verifications.io (site currently taken down), had exposed an unprotected, publicly accessible database containing over 800 million email addresses – together with personal and business information for some of them.
Many details are still sketchy at this point. Verifications.io claimed that this was an internal database containing no client records and has since gone dark. And thankfully these records did not appear to contain sensitive information such as financial data or passwords. But we are well aware that incidents like these might raise concerns for businesses who employ third parties to process their contact data assets.
The good news is that situations like this are NOT at all representative of how established vendors like Service Objects does business. Done properly, data validation services are extremely secure, and can strongly enhance the data quality and security of your business. In this article we wanted to share what things you should look for in a data validation partner, along with many of our best practices.
What to look for in a data validation company
Reputation. We are putting this one first, because reputation matters as much as all other factors combined. Look at how long a company has been in business, how many customers it serves, and who its marquee clients are. A little Googling will serve you well here: information abounds, so see what people are saying about the company: negative comments are a concern, of course, and sometimes NO comments can be even more concerning.
(P.S. Glad you asked. We’ve been in business since 2001, and serve over 2500 clients including Amazon, Microsoft, Sony, and every major credit card issuer. Review site FeaturedCustomers.com gives us a tremendously high 4.6/5.0 rating across 600 customer reviews, and you will find our CEO and others featured prominently in the industry trade press.)
Data security. Simply put, we do not store customer data. Only our clients can see their own data. For the time it takes for us to verify it, it is encrypted using a high-level (https) protocol. And when the verification is completed, the data is immediately expunged. We feel you should never, ever use a data validation service that stores your unencrypted contact data in a way that is vulnerable to prying eyes.
In addition to this, we employ bank-grade security measures, including secure 24/7/365 data centers, which feature multi-layer perimeter security with hourly scans and modern firewalls, penetration testing and hardened Windows servers. More details on our data security can be found here.
Reliability. Contact data validation is often performed in real-time, and is frequently mission-critical to a company’s marketing, sales or customer contact activities. This is why we offer one of the industry’s only financially backed service level agreements, with a minimum goal of 99.999% availability of its services.
Customer impact. The above Wired article discusses how email addresses are sometimes validated by sending them test emails, essentially spamming them. We use a very different, non-invasive technology to validate email deliverability, based on ping testing, as described further in this recent blog. This provides accurate results without impacting your customers.
Resources. People often say that the value of any company rests in how well they invest in their products and services. We were founded by developers, for developers, and both our technical and support teams are very proud of their expertise. Above all, we make it a point to be there for our customers: we are available 24/7 if needed, make it a public policy to respond within 90 minutes, and garner rave reviews from our clients.
Verifications.io Data Breach Lawsuit
Feel secure with the right data validation partner
No one ever wants to end up as a news story. But incidents like this serve as a good reminder for what to look for when you entrust your valuable contact data to a third party. We are proud of our track record of safety and security going back nearly two decades that has helped position us as leaders in this industry. Service Objects knows that the more educated businesses are about the specifics of safe and reliable data quality, the better. If you would like to learn more, we are happy to discuss our security measures and our data validation products, please contact us for more details.