58 million customer records have been leaked online by hackers, the huge trove of data seems to come from a data storage firm.
The records include personal information such as names, dates of birth, email and postal addresses, job titles, phone numbers, vehicle data, and IP addresses.
The archive appears to have been exfiltrated from an unsecured database of the Modern Business Systems (MBS), which is a company that provides data storage and database hosting services.
I received a portion of the archive a few days ago by the hacker which uses the Twitter account @0x2Taylor. When the hacker sent me the archive we both had no idea about its source.
The hacker released at least 58 million records stolen from Modern Business Systems’s systems.
Database Loaded : 52 Million Subscriber DB https://t.co/NIFQYofqwH Email,DOB,Name,Address,IP,Phone Number. #0x2Gang #DataDump
— #BBK ~ $Taylor (@0x2Taylor) 8 ottobre 2016
Experts who analyzed the archive determined that it belongs to MBS which was exposing an unsecured MongoDB database on the Internet.
“While the data itself is easy enough to read, identifying the owner of the database has been more challenging. Nothing within the dumped dataset itself pointed to who might be responsible for the information. Through additional investigation and subsequent exchanges with 0x2Taylor, researchers were able to obtain the IP address of the database.” reads a blog post published by Risk Based Security. “With that information, researchers were able to confirm it was an open MongoDB installation and identify the owner as Modern Business Solutions. Working with Databreaches.net, Modern Business Solutions was contacted and made aware of the issue. Although neither RBS or Databreaches.net have yet received a reply from Modern Business Solutions, the database has since been secured and is no longer accessible.”
The database includes data from companies that are customers of the MBS, if you have had a business relationship with it you can check for the presence of your data through the breach notification service “Have I Been Pwned?” .
Unfortunately, the situation is probably more severe because giving a close look at the above image experts speculate the hacker had access to a database containing over 258 million rows of customer records.
This breach is the last in order of time that is related to misconfigured MongoDB databases. In the past security experts
In December the popular expert and Shodan creator John Matherly found over 650 terabytes of MongoDB data exposed on the Internet by vulnerable databases.
(Security Affairs – Modern Business Systems, data breach)