Over One Billion of Users’ Records Were Drifting in the Open Access
Personal data of media users was discovered by the American cybersecurity expert Vinny Troia. He said the collection numbered 1.2 billion of records of social media subscribers as Wired stated.
The dark web expert Troia exposed an unsecured server in the Google Cloud service. He did not state the channels of the leakage occurrence or who could download it. Fortunately, the database did not include sensitive information like key to accounts, bank card numbers or any security codes. But there were hundreds of profiles with home and cell phone numbers that belong to the real people. Plus, the links to social media accounts on Twitter, LinkedIn, Github, and Facebook, etc.
"This is the first time I've seen all these social media profiles collected and merged with user profile information into a single database on this scale. From the perspective of an attacker, if the goal is to impersonate people or hijack their accounts, you have names, phone numbers, and associated account URLs. That's a lot of information in one place to get you started", stressed Troia.
Vinny Troia and his fellow researcher Bob Diachenko stumbled upon a database while working with web scanning services BinaryEdge and Shodan. The experts execute several verifying actions to conform to the credibility of records and informed the FBI. After a while, access to the database was blocked. However, the name of the server owner wasn't disclosed or who could publish the database online.