Recently there was a data breach on a very known organization ModBSolutions (Modern Business Solutions) which exposed personal records of at least 58 million subscribers. The data included their full names, IP addresses, dates of birth, email addresses, vehicle data, and occupations, etc. The tool Shodan.io was used to discover the open database from a MongoDB export and this was confirmed by a twitter user 0x2Taylor (This account is suspended, :().
Till now, there have been 2,928 publicly disclosed data breaches so far this year, exposing more than 2.2 billion records. In those, some of the most notable “mega-breach” exceptions have come from misconfigured databases.
What is ModBSolutions?
ModBSolutions (MBS) AUSTIN, TX is a technology and application service provider specializing in data management and monetization services for data owners. The basic motive of the organization is to help clients build their revenue streams by providing content and services… MBS offers a cloud-based data management platform called Hardwell Data which is a platform that allows customers to collect, store and transfer data records on a cloud-based hosting system for databases, regardless of size or age.
What actually did happen?
According to the researchers, the data breach revealed information of at least 58M individuals. The information was published and subsequently deleted at least three times because of a poorly secured database. The data was stored on servers of Modern Business Solutions, which provides database hosting and data storage services.
Risk-Based Security reported that the actual number of records in the data breach amounts to close to 260 million. From a Twitter user’s update, the company claimed that there was a table containing 258 million rows of personal data. The unsecured data spread on a search engine Shodan and then someone published the information by sharing with their friends.
Impact on people
People panicked when they were being alerted by different anonymous sites such as Lifelock.com or haveibeenpwned.com regarding their data leaks on Dark Web from ModBSolutions. People reported that these sites had addresses of the UK but their contacts were of TURKEY. They even received ‘senderless’ emails that were TXT extracts from PDF files.
They had Bank accounts, unknown phone numbers in their name which they didn’t even know about it. Also collecting accounts on behalf of them, transactions from their credit cards of which they had no idea.
According to Risk-Based Solutions, as of October 2016, there were 2,928 data breaches that exposed over 2.2 billion records. These numbers are high enough that’s why it’s wise to be wary of the amount of data shared online.