What’s claimed to be more than 183 million records of people’s contact details and employment info has been stolen or otherwise obtained from a data broker and put up for sale by a miscreant.
The underworld merchant, using the handle KryptonZambie, has put a $6,000 price tag on the information in a cybercrime forum posting. They are offering 100,000 records as a sample for interested buyers, and claim the data as a whole includes people’s corporate email addresses, physical addresses, phone numbers, names of employers, job titles, and links to LinkedIn and other social media profiles.
We believe this information is already publicly available, and was gathered up by a data-broker called Pure Incubation, now called DemandScience. That biz told us it was aware of its data being put up for sale, and sought to clarify what had been obtained – business-related contact details that are already out there.
“It is also important to note that we process publicly available business contact information, and do not collect, store, or process consumer data or any type of credential information or sensitive personal information including accounts, passwords, home addresses or other personal, non-business information,” a DemandScience spokesperson said in an email to The Register.
Seems to us this is the circle of data brokerage life. One org scrapes a load of info from the internet to profit from, someone else comes along and gets that info one way or another to profit from, sells it to others to profit from…
[…]
In a subsequent report by HIBP founder and Microsoft regional director Troy Hunt, which includes a screenshot of an email from DemandScience – sent to someone whose info was in the data peddled by KryptonZambie – that blamed the leak on a “system that has been decommissioned for approximately two years.”
[…]
After coming across the pile of data for sale, and hearing from someone whose personal information was swept up in the affair, Hunt said he decided to check whether his own info was included. He did find a decade-old email address and an incorrect job title.
“I’ll be entirely transparent and honest here – my exact words after finding this were ‘motherfucker!’ True story, told uncensored here because I want to impress on the audience how I feel when my data turns up somewhere publicly,” Hunt wrote.
We couldn’t have said it any better ourselves. ®
Source: Business records on 100M+ people swiped, put up for sale • The Register
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft