
Spambot results in data breach of over 700 million email addresses

DECCAN CHRONICLE.
Published Aug 31, 2017, 3:31 pm IST
Updated Aug 31, 2017, 3:31 pm IST
The total number of real users' contact details contained in the dump is likely to be lower.
The data was available because the spammers failed to secure one of their servers, allowing any visitor to download many gigabytes of information without needing any credentials.

In what could be one of the biggest data breaches of 2017, more than 700 million email addresses, as well as a number of passwords, have been leaked publicly because of an incorrectly configured spambot.

The total number of real users' contact details contained in the dump is likely to be lower, however, due to the number of fake, malformed and repeated email addresses contained in the dataset, according to data breach experts.

 

Australian computer security expert, Troy Hunt, who runs the Have I Been Pwned website, which notifies subscribers when their data ends up in breaches, wrote in a blog post: “The one I’m writing about today is 711 million records, which makes it the largest single set of data I’ve ever loaded into HIBP. Just for a sense of scale, that is almost one address for every single man, woman, and child in all of Europe.”

The data was available because the spammers failed to secure one of their servers, allowing any visitor to download many gigabytes of information without needing any credentials. It is impossible to know how many others, besides the spammer who compiled the database, have downloaded copies.

 

While there are more than 700m email addresses in the data, it appears many of them are not linked to real accounts. Some are incorrectly scraped from the public net, while others appear to have been simply guessed at by adding words such as “sales” in front of a standard domain to generate, for example, “sales@newspaper.com”.

“Finding yourself in this data set unfortunately doesn’t give you much insight into where your email address was obtained from nor what you can actually do about it,” Hunt says. “I have no idea how this service got mine, but even for me with all the data I see doing what I do, there was still a moment where I went ‘ah, this helps explain all the spam I get’.”

 
