SPAM SLINGING OUTFIT River City Media (RCM) has exposed 1.37 billion email addresses after failing to password-protect a remote backup.
RCM, a prolific marketing bastard that masquerades as a legitimate firm and sends up to a billion spam messages a day, has messed up big time, and we know all about it thanks to Chris Vickery, a security researcher at MacKeeper.
Vickery, who worked with CSO and anti-spam operation Spamhaus to investigate the leak, has revealed that the 200GB of spilled data not only includes email addresses, but also real names, user IP addresses, and in some cases physical addresses.
"The situation presents a tangible threat to online privacy and security as it involves a database of 1.4bn email accounts combined with real names, user IP addresses, and often physical address," Vickery said. "Chances are that you, or at least someone you know, is affected."
"I'm still struggling with the best software solution to handle such a voluminous collection, but I have looked up several people that I know and the entries are accurate.
"The only saving grace is that some are outdated by a few years and the subject no longer lives at the same location."
Teaser screenshot of that DB's summary data: pic.twitter.com/PEnpJbDZRt — Chris Vickery (@VickerySec) March 4, 2017
Vickery ain't wrong, as RCM gathered its mammoth database from people requesting credit checks, entering prize giveaways and sweepstakes and applying for education opportunities, along with techniques like co-registration in which a person's info is shared with unnamed affiliates after clicking "submit" or "I agree" on a website.
The leak has been blamed on a failed remote backup attempt, which left the data sitting exposed on a server for several months. This means that anyone who found it, including Vickery, was able to access internal chat logs and emails from the company, as well as its massive email collection.
"Someone had forgotten to put a password on this repository. The data was, basically, a backup held in a poorly secured rsync-accessible system," Vickery said.
"It is alleged that chat logs and internal files in the repository show RCM staff discussing Slowloris-like techniques to overload mail servers and persuade the machines to accept hundreds of millions of messages."
Spamhaus has already used the information contained in the leak to add RCM's details to its database, blacklisting the firm's entire infrastructure. µ