Data & Leads
What was exposed
Email addressesEmployersIP addressesJob titlesNamesPhone numbersPhysical addresses
What to do if you were affected
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Watch for text-message phishing and SIM-swap attempts on your phone number.
- Be wary of targeted scams that use your personal details to sound convincing.
Details
In November 2018, security researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator . Upon further investigation, the data was linked to marketing company Data & Leads . The exposed Elasticsearch instance contained over 44M unique email addresses along with names, IP and physical addresses, phone numbers and employment information. No response was received from Data & Leads when contacted by Bob and their site subsequently went offline.
Frequently asked questions
What is the Data & Leads data breach?
In November 2018, security researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator . Upon further investigation, the data was linked to marketing company Data & Leads . The exposed Elasticsearch instance...
When did the data breach happen?
This data breach occurred around November 2018.
How many accounts were affected?
Around 44,320,330 accounts were affected.
What information was exposed?
Exposed data included Email addresses, Employers, IP addresses, Job titles, Names, Phone numbers and Physical addresses.
What should I do if I was affected?
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Watch for text-message phishing and SIM-swap attempts on your phone number. Be wary of targeted scams that use your personal details to sound convincing.
Related breaches