Misconfigured spambot has led to one of the largest data breaches ever in which more than 700 million email addresses have been leaked along with number of passwords.
Australian computer security expert Troy Hunt said in a blog post, “The one I’m writing about today is 711m records, which makes it the largest single set of data I’ve ever loaded into HIBP. Just for a sense of scale, that’s almost one address for every single man, woman and child in all of Europe.”
Hunt runs Have I Been Pwned site and the purpose of it is to notify its subscribers whenever there is a data breach.
However, it is reported many of the email addresses were not linked to real accounts as some of those have been just guessed at by adding words like prefixing with “sales” or “accounts” to generate emails like “email@example.com” or “firstname.lastname@example.org.”
Hunt adds in his blog post that probably most of the passwords were collected from previous leaks like that of May 2016 from LinkedIn and many stolen from Exploit.In.
Meanwhile, video games reseller CEX too today notified its customers about an online security breach and up to 2 million accounts may have been leaked and those include full names, addresses, email addresses and phone numbers.
CEX added in some of the breach card information could have also been leaked.
In a press statement the company said, “We take the protection of customer data extremely seriously and have always had a robust security programme in place.”