A huge database of more than 2.7 billion email addresses was left exposed on the web, accessible to anyone with a web browser. More than one billion of those records also contained a plain-text password associated with the email address.
Comparitech collaborated with security researcher Bob Diachenko to uncover the database on December 4, 2019. Although the database owner was not identified, Diachenko immediately alerted the US ISP that hosted the IP address to take it down.
The vast majority of emails were from Chinese domains including qq.com, 139.com, 126.com, gfan.com, and game.sohu.com. Those domains belong to some of China’s biggest internet companies including Tencent, Sina, Sohu, and NetEase.
A few email addresses had Yahoo and Gmail domains, as well as some Russian ones such as rambler.ru and mail.ru.
Upon verification, we concluded that all the emails with passwords originated from the so-called “Big Asian Leak,” first uncovered by HackRead. In January 2017, a dark web vendor was selling the records that included passwords.
Timeline of the leak
Comparitech immediately took steps to take down the database upon discovering in order to mitigate harm to end users, but we don’t know if anyone accessed it in the meantime. Here’s what we know:
December 1, 2019: The database was first indexed by the BinaryEdge search engine and since then was publicly available.
December 4, 2019: Diachenko discovered the database and immediately took steps to notify responsible parties.
December 9, 2019: Access to the database was disabled.
In all, the data was exposed for more than a week, giving malicious parties sufficient time to find it and copy i ..
Support the originator by clicking the read the rest link below.
