In what has become one of the largest data leaks from a single source in history, the personal data of over 1.2 billion people has been exposed -- including names, email addresses, phone numbers, LinkedIn, Facebook, Twitter and more.
The leak was discovered by Bob Diachenko and Vinny Troia on October 16, 2019 in an open Elasticsearch server that had 4 billion user accounts inside of over 4TB of data. There were 1.2 billion unique people discovered inside of the leak, residing on an unprotected and totally-open Elasticsearch server with no password or any means of authentication protecting it -- so you could just download all 4TB of it easily.
The data in question comes from two brokerages, with California-based People Data Labs selling the data to advertisers who could use them for commercial purposes. User content to use this data commercially has not been approved, according to Troia. This particular data set has 622 million email addresses, 50 million unique phone numbers, and a bunch of different details from social media platforms.
3 out of 4 of the indexes discovered originated from People Data Labs, packing details of over 1.2 billion people -- while the last one comes from OxyData.io and has details exclusively from LinkedIn.
You can check if you've been exposed on HaveIBeenPwned.com