Slashdot Mirror

← Back to Stories (view on slashdot.org)

Huge Database Leak Reveals 1.37 Billion Email Addresses and Exposes Illegal Spam Operation (betanews.com)

Posted by msmash on from the boom dept.

One of the largest spam operations in the world has exposed its entire operation to the public, leaking its database of 1.37bn email addresses thanks to a faulty backup. From a report: A faulty backup has inadvertently exposed the entire working database of notorious spam operator River City Media (RCM). In all, the database contains more than 1.37 billion email addresses, and for some records there are additional details such as names, real-world addresses, and IP addresses. It's a situation that's described as "a tangible threat to online privacy and security." Details about the leak come courtesy of Chris Vickery from macOS security firm MacKeeper who -- with a team of helpers -- has been investigating since January. River City Media's database ended up online thanks to incorrectly-configured Rsync backups. In the words of Vickery: "Chances are you, or at least someone you know, is affected." The leaked, and unprotected, database is what's behind the sending of over a billion spam emails every day -- helped, as Vickery points out, by "a lot of automation, years of research, and fair bit of illegal hacking techniques." But it's more than a database that has leaked -- it's River City Media's entire operation.

4 of 141 comments (clear)

  1. Source article by Anonymous Coward · · Score: 5, Informative

    Vickery's own writeup is here.

  2. Re:Redundant by Obfuscant · · Score: 5, Informative

    You signed up for it when you bought a product or made an inquiry on their site and did not uncheck a box that signed you up for them most-likely.

    That's the lie every spammer uses to justify their garbage. De-selecting the "send me all kinds of email about stuff I don't want" checkbox does nothing.

    If you're still getting it you're just too lazy to unsubscribe.

    I SHOULD NOT HAVE TO UNSUBSCRIBE FROM JUNK EMAIL LISTS THAT I DID NOT SUBSCRIBE TO IN THE FIRST PLACE. THE FIRST PIECE OF SPAM IS STILL SPAM.

  3. Re:Redundant by Obfuscant · · Score: 5, Insightful

    that doesn't mean it isn't a legitimate justification for a lot of commercial email.

    It is not a legitimate excuse for the commercial email I receive based on such lies. I ALWAYS uncheck this "pre-selected opt-in" (an oxymoron), and the spammer ALWAYS tells me that I opted-in.

    If I order a pizza on PizzaHut.com, and next week Pizza Hut sends me an email with their weekly special offers, that isn't spam.

    Yes, it is. Unsolicited commercial junk email. UCE. BY DEFINITION.

    Spam is all the completely unsolicited boner pills, home mortgage, weight loss, and other garbage coming from randos who bought or harvested my email address somewhere,

    Spam is not defined by topic. It is defined by UNSOLICITED COMMERCIAL EMAIL. Yes, there are many sources of spam. The fact that you bought a pizza at Pizza Hut does not excuse their unsolicited commercial email, which is spam.

  4. Re:Redundant by nukenerd · · Score: 5, Insightful

    Spam is UNWANTED e-mail.

    No, spam is UNSOLICITED commercial email. When you did whatever action you did on their site to receive it, you solicited them to send it

    Bullshit. My "action" is to buy something online (it is getting hard to find some types of stuff any other way). Buying something is not "soliciting" for email adverts for ever after.

    Anyway, I use disposable email addresses for purchasing. After it's delivered, I turn off the address and their spam is going into a black hole somewhere, not even as far as my spam directory. But I can look at the stats and see that some companies I have bought from (including a gardening supplier I bought a $10 item from 5 years ago) have sent me thousands of emails - a situation that is ridiculous