{"id":4637,"date":"2019-11-22T17:36:44","date_gmt":"2019-11-22T21:36:44","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=4637"},"modified":"2019-11-22T17:36:44","modified_gmt":"2019-11-22T21:36:44","slug":"1-2-billion-records-exposed-in-historic-server-leak-what-we-know","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/","title":{"rendered":"1.2 Billion Records Exposed in Historic Server Leak: What We Know"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-4537\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\" alt=\"1.2 Billion Records Exposed in Historic Server Leak: What We Know\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed-300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed-768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed-540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed-162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Security researchers Vinny Troia and Bob Diachenko discovered an unsecured server containing an unprecedented amount of <a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener noreferrer\">personally-identifying information<\/a>. Indeed, the server contained 4 terabytes of personal data\u20141.2 billion records in total. That is 1.2 billion records exposed and easily accessible on the internet.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">As a result, hundreds of millions of people suffered in this data exposure. The data exposed includes home and mobile device numbers and social media profiles for Facebook, Twitter, LinkedIn, and Github. Additionally, it includes work histories\u2014possibly pulled for LinkedIn\u2014as well as 50 million unique phone numbers and 622 million email addresses.\u00a0<\/span><\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-privilieged-access-management-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2020\/01\/PAM_BG_SB_800.gif\" alt=\"Download Link to Privileged Access Management Buyer's Guide\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Thankfully, the information did not include financial information such as credit card numbers, Social Security Numbers, or passwords. However, it still represents an unprecedented leakage of social media information in the history of cybersecurity.\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">One crucial mystery lingers around the exposure of 1.2 billion records\u2014those responsible. The security researchers did trace the IP address but only traced it to Google Cloud Services. While many of the datasets within the server connected to San Francisco data broker People Data Labs, they denied ownership of the server; security researcher Troia agreed with their claim.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The researchers could not determine who created the server nor why. Further, they could not determine who found the server before they did or downloaded the data therein. The server proved easy to find and to access.\u00a0\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Adding to the mystery, the server disappeared within hours of security researchers informing the FBI.\u00a0\u00a0<\/span><\/p>\n<h2 style=\"text-align: justify\"><b>Experts Weigh in on 1.2 Billion Records Exposed<\/b><\/h2>\n<h3 style=\"text-align: justify\"><b>Sudhakar Ramakrishna<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Sudhakar Ramakrishna is CEO of <\/span><\/i><a href=\"https:\/\/www.pulsesecure.net\/\" target=\"_blank\" rel=\"noopener noreferrer\"><i><span style=\"font-weight: 400\">Pulse Secure<\/span><\/i><\/a><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cThis type of data breach is alarming due to the sheer amount of personal information exposed and the potential fidelity added to social media attack vectors. There should be little comfort in the fact that credit card or SSN numbers were not exposed, given the massive volume of profiles and contact information of hundreds of millions of people.\u201d\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cThe harsh reality of today\u2019s evolving threat landscape and threat actor marketplace is this new data will be bought and sold on the dark web and can easily be combined with other exposed PII from one of the many data breaches in 2019 to create more comprehensive identity exploits. This highlights exactly why enterprises need to revisit auditing their data, access, controls and protection obligations. A zero-trust framework with orchestrated data protection mechanisms is necessary. Servers and storage, whether being serviced, repurposed or sold, should never have this type of data in the clear.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Anurag Kaho<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Anurag Kahol is the CTO of <\/span><\/i><a href=\"https:\/\/www.bitglass.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><i><span style=\"font-weight: 400\">Bitglass<\/span><\/i><\/a><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cThis unsecured database is one for the record books. Impacting 1.2 billion records, it is one of the largest leaks we have ever seen. Names, email addresses, and phone numbers, along with other social media profile information, were left public-facing. It is currently unknown who owns this database; however, they will surely face significant repercussions from regulatory bodies as well as the general public. There is no excuse for negligent security practices such as leaving databases exposed.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">While the server was discovered by security researchers, there are tools designed to detect abusable misconfigurations within IT assets like ElasticSearch databases. While there have not yet been any reports of a breach stemming from this particular incident, it is unknown if any malicious parties found the data before the researchers did. Organizations must have full visibility and control over their customer data in order to prevent breaches. To do so, they should look for security solutions that remediate misconfigurations, enforce real-time access control, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent the leakage of sensitive information.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Dvir Babila<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Dvir Babila is Head of Product Management at <\/span><\/i><a href=\"https:\/\/www.cycognito.com\/\" target=\"_blank\" rel=\"noopener noreferrer\"><i><span style=\"font-weight: 400\">CyCognito<\/span><\/i><\/a><i><span style=\"font-weight: 400\">\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">&#8220;This is a massive breach and a major open question is who owned the server behind the breach. Troia noted in the original <\/span><a href=\"https:\/\/www.dataviper.io\/blog\/2019\/pdl-data-exposure-billion-people\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">blog<\/span><\/a><span style=\"font-weight: 400\"> &#8220;all we can tell from the IP address (35.199.58.125) is that it is (or was) hosted with Google Cloud.&#8221; Determining the ownership of IT assets that exist in the shadows like this requires a lot of fingerprints, and you have to associate those fingerprints with other IT assets exposed on the internet to build a complete picture.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Doing this manually with tons of raw threat intelligence data is very challenging. Applying mathematical techniques, such as a graph data model, works well. With more of every organization&#8217;s IT assets living in cloud environments than ever, a new level of automation has to be applied to threat intelligence both for assessing risk and for dealing with post-incident forensics.&#8221;<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>How to Gain Visibility<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Check out our <a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener noreferrer\">Identity and Access Management Buyer\u2019s Guide<\/a> for enterprise-level solutions! Don&#8217;t let incidents like the 1.2 billion records exposed happen to you!<\/span><\/p>\n<p><span style=\"font-weight: 400\"><br \/>Widget not in any sidebars<br \/>\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers Vinny Troia and Bob Diachenko discovered an unsecured server containing an unprecedented amount of personally-identifying information. Indeed, the server contained 4 terabytes of personal data\u20141.2 billion records in total. That is 1.2 billion records exposed and easily accessible on the internet.\u00a0 As a result, hundreds of millions of people suffered in this data [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":4537,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[1290,1291,142,125,56,16,1292,112,1226,76,1293],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>1.2 Billion Records Exposed in Historic Server Leak: What We Know<\/title>\n<meta name=\"description\" content=\"An exposed server contained 4 terabytes of personal data\u20141.2 billion records in total. But who exposed it? What do we know?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/\",\"name\":\"1.2 Billion Records Exposed in Historic Server Leak: What We Know\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"datePublished\":\"2019-11-22T21:36:44+00:00\",\"dateModified\":\"2019-11-22T21:36:44+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"An exposed server contained 4 terabytes of personal data\u20141.2 billion records in total. But who exposed it? What do we know?\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"width\":800,\"height\":400,\"caption\":\"Morgan Stanley Suffers Data Breach Due to Third-Party Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"1.2 Billion Records Exposed in Historic Server Leak: What We Know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Identity and Access Management Solutions | Solutions Review\",\"description\":\"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"1.2 Billion Records Exposed in Historic Server Leak: What We Know","description":"An exposed server contained 4 terabytes of personal data\u20141.2 billion records in total. But who exposed it? What do we know?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/","url":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/","name":"1.2 Billion Records Exposed in Historic Server Leak: What We Know","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","datePublished":"2019-11-22T21:36:44+00:00","dateModified":"2019-11-22T21:36:44+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"An exposed server contained 4 terabytes of personal data\u20141.2 billion records in total. But who exposed it? What do we know?","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","width":800,"height":400,"caption":"Morgan Stanley Suffers Data Breach Due to Third-Party Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/1-2-billion-records-exposed-in-historic-server-leak-what-we-know\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"1.2 Billion Records Exposed in Historic Server Leak: What We Know"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Identity and Access Management Solutions | Solutions Review","description":"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/4637"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=4637"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/4637\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/4537"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=4637"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=4637"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=4637"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}