Huge database leak reveals 1.37 billion email addresses and exposes illegal spam operation

[Batu69]

A faulty backup has inadvertently exposed the entire working database of notorious spam operator River City Media (RCM). In all, the database contains more than 1.37 billion email addresses, and for some records there are additional details such as names, real-world addresses, and IP addresses. It's a situation that's described as "a tangible threat to online privacy and security."

 

Details about the leak come courtesy of Chris Vickery from macOS security firm MacKeeper who -- with a team of helpers -- has been investigating since January. River City Media's database ended up online thanks to incorrectly-configured Rsync backups. In the words of Vickery: "Chances are you, or at least someone you know, is affected."

 

 

The leaked, and unprotected, database is what's behind the sending of over a billion spam emails every day -- helped, as Vickery points out, by "a lot of automation, years of research, and fair bit of illegal hacking techniques." But it's more than a database that has leaked -- it's River City Media's entire operation. Business plans, HipChat logs, accounts and much more.

 

As with any big leak, there is the question of whether it is genuine. Vickery has shared his finding with numerous security sites as well as law enforcement agencies, and says:

That was my initial reaction. I'm still struggling with the best software solution to handle such a voluminous collection, but I have looked up several people that I know and the entries are accurate. The only saving grace is that some are outdated by a few years and the subject no longer lives at the same location.

In conjunction with security experts Salted Hash and spam experts Spamhaus, Vickery found that RCM had used illegal IP hijacking techniques during some of its spam campaigns. He says that since making this discovery, he has contacted the companies affected by the leak:

Once we concluded that this was indeed related to a criminal operation, it was decided that we should approach law enforcement and the affected companies (like Microsoft and Yahoo) before making any attempts at contacting the spammers directly. The leaking servers went dark during the process of notifying law enforcement and the major companies. So, I did not directly contact the spammers themselves.

It remains to be seen quite what impact this will have on River City Media's operations, and whether there will be an immediate reduction in the amount of spam flying to inboxes around the world.

 

You can read more about Vickery's finding over on MacKeeper.

 

Article source

[steven36]

I read about it yesterday they was holding back the info of what it  was they just said how many it was tell today .. I genus so it would get more views by readers , listeners and watchers ..It's pretty bad when data breaches have become like a soap opera and they dont post the details tell a weekday. A lot of stuff I find out about on weekends dont make on the main sites tell Monday and then they post it over and over again  tell they next week  or longer. 

[DKT27]

Interesting this. I wonder if these are searchable.

 

3 hours ago, steven36 said:

A lot of stuff I find out about on weekends dont make on the main sites tell Monday and then they post it over and over again  tell they next week  or longer. 

 

That's because most medias, including small news websites are closed on those days. No one told me this when I was posting news here. Used to wonder why there are not much news available to post. Would have been able to take rest if knew about it.

 

But on the good side, some news sites take effort to push out some other non-news articles when they are not posting news, but not all of those sites have useful articles though.

[steven36]

58 minutes ago, DKT27 said:

Interesting this. I wonder if these are searchable.

 

 

That's because most medias, including small news websites are closed on those days. No one told me this when I was posting news here. Used to wonder why there are not much news available to post. Would have been able to take rest if knew about it.

 

But on the good side, some news sites take effort to push out some other non-news articles when they are not posting news, but not all of those sites have useful articles though.

I seen what had happen before it ever was posted here today i was just saying i seen about yesterday , I dont post news post were they didn't post who was breached and still today it dont tell who was breached  ..Only if you had access to the dump do you know who got it , even with clouldflare breach they dont know witch sites that used it that was breached but only the ones they found data for they know the rest was guessing, always this kind of news leaves a lot out because there dealing with peoples private info Meaning you may have been breached and never know about it. If you this worried about it. It's best not too log on at all, because you want know much more about it  than you did yesterday no way. 

 

All these people were breached  and all i know different  is a spammer done it and tell after he was shutdown after the fact did they find it out. its already too late it done happened now.

 

Here is the post i seen it at before today's update  06 was Saturday lol.

1.37bn records from somewhere to leak on Monday

https://www.theregister.co.uk/2017/03/06/researcher_warns_of_one_point_four_billion_identity_leak/

Here is 2 pages about what they are telling this is the post i seen about it before it was posted here today.

http://www.csoonline.com/article/3176433/security/spammers-expose-their-entire-operation-through-bad-backups.html

i always check my vpn ip to make sure it's not listed in spamhaus.and others before i use it . I do a blacklist check .Good news they caught him though  hes been infecting vpn ips  for along time I could care less about the rest.

[straycat19]

The only good news is none of my family's good email addresses are in this database only the throw-aways, and they have been spam traps for years.  I have one email address that I only use when some place requires an email address just to see something and it typically gets about 150 spam emails a day and has for about the last 15 years.  Reminds me of a site that you could input any email address without verification and it would sign up that address for 1500 spam emails.  That was about 20 years ago, and don't know what happened to it.