A Russian-sponsored disinformation campaign in Africa targeted users of Facebook but also those on Instagram, Twitter and other platforms, researchers said
A Russian-sponsored disinformation campaign in Africa targeted users of Facebook but also those on Instagram, Twitter and other platforms, researchers said AFP / DENIS CHARLET

The most recent personal information breach was discovered by a security researcher named Vinny Troia in October. He uncovered nearly four terabytes of data or around 1.2 billion personal information, including email addresses, work histories, mobile, and home phone numbers, and social media accounts. So far, it is not clear how it got to the unsecured Google Cloud server, but these data are there sitting unprotected.

The security researcher describes the data as a set of profiles that, aside from crucial personal details also include LinkedIn, Twitter, and Facebook profiles. The latest discovery is a first of its kind where Troia tells Wired that all social media profiles are collected and merged with the user profile information into a single database of this scale. While the database does not contain account passwords or Social Security numbers, it does not mean it is not dangerous.

In fact, these details are a gold mine in an era where cyber-thieves have become increasingly proficient at impersonating other people’s identity to take over their accounts. The majority of the data collected, according to the security researcher, was compiled by a company named people Data Labs. The company offers work emails and social account details for more than a billion people.

People Data Labs scraped the data from different sources and sells it as a mean of reaching 70 percent decision-makers located in the UK, the US, and Canada, states the company’s website. The discovery of the latest data breach on the Google Cloud server was accidental. Troia, along with fellow security researcher Bob Diachenko stumbled upon the breach when they were looking for exposures on the web scanning services Shodan and BinaryEdge.

The IP addresses trace to Google Cloud Services, and they were not able to identify the identity of those who collected the data stored there. The security researcher was not able to determine if anyone else found and downloaded the data before they did but underlines that it is very easy to find and access. Troia has already reported this to the Federal Bureau of Investigation, and within hours someone pulled the exposed files and data offline.