2 min read

Email Verifiers and Data Breaches. What You Need to Know.

Alina BÎZGĂ

March 29, 2021

Email Verifiers and Data Breaches. What You Need to Know.

Have you ever wondered why your email address and other information appeared in a data breach impacting a platform you never signed up for? You probably don”t recall creating an account on the Verifications.io platform or River City Media. That”s because you didn”t.

It”s time you find out everything about your invisible connection to email verifiers

Email verifiers are online services that allow marketers and salespeople to verify that the email address you used to create an account, sign up for a newsletter or make an order on their website is real and valid. Email verifiers work silently in the background checking you to avoid future deliverability issues.

These companies use various tools in their validation process including IP address validation and verification of key demographics which also provides insights into your personal information which ends up in a database.

That”s why email-validation services are an attractive target for cybercriminals looking for a fresh batch of email addresses for their next wave of social engineering attacks.

In recent years, billions of user records have been exposed online due to unsecure databases belonging to email validation companies, including the infamous Verifications.io and River City Media data breaches.

Who is Verifications.io, and what information was exposed in the data breach?

The company provides email validation services for marketing companies worldwide. In short, Verifications.io and similar companies are used to maximize marketing campaign potentials by verifying potential consumer email lists for invalid or undeliverable email addresses.

In February 2019, cybersecurity researchers stumbled upon an unsecured public-facing database that exposed over 800 million email addresses and associated personally identifiable information (PII), including names, gender, dates of birth, phone numbers, IP addresses, job titles and employers. The leaked data contained no highly sensitive information such as passwords, credit card numbers or Social Security numbers.

Who is River City Media, and what information was exposed in the breach?

River City Media (RCM) is a US-based email marketing company that made headlines in March 2017 after exposing 1.4 billion individual records online due to an improperly configured backup.  According to researchers, the exposed data includes email addresses and, in some cases, names, IP addresses, zip codes and home addresses.

Once again, no account login credentials or financial information was exposed. Even so, the database was left unprotected for at least three months before the company took it offline. If cybercriminals had stumbled upon it, they could have used the information in targeted phishing attacks to gather additional information from victims.

What should victims do?

Even if there was no indication that the databases were accessed or exploited by malicious actors, users should prepare for similar data breaches. Usually, when login credentials are exposed or compromised, victims are required to immediately change passwords and set up additional security features on their accounts. However, in this case, individuals should adopt preventive measures:

  • Use a VPN to encrypt your internet connection and mask your actual IP address
  • Don”t share your phone number when setting up a new account unless it is mandatory or required for two-factor authentication
  • Consider setting up multiple email addresses for various online activities. Besides your professional email, it might be a good idea to create a separate email for your online shopping and personal correspondence or social media account
  • Never use your date of birth or street address number as PINs or passwords for online accounts

Was your personal data exposed in a data breach? Find out now with Bitdefender’s Digital Identity Protection tool.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

The UK Government Plans to Make Digital Identities Secure and Trusted Official Documents The UK Government Plans to Make Digital Identities Secure and Trusted Official Documents
Alina BÎZGĂ

July 21, 2021

1 min read
Dozens of Facebook Engineers Illegally Accessed Private User Data, New Book Says Dozens of Facebook Engineers Illegally Accessed Private User Data, New Book Says
Silviu STAHIE

July 15, 2021

1 min read
Are you a TikToker? Check Out These Eight Security Tips to Help You Minimize Your Digital Footprint and Stay Safe Online Are you a TikToker? Check Out These Eight Security Tips to Help You Minimize Your Digital Footprint and Stay Safe Online
Alina BÎZGĂ

July 14, 2021

5 min read