ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Data Enrichment Records Data Breach

Significant exposure
Unverified
Accounts exposed 8,176,132
Breach date 23 Dec 2016
Added to tracker 08 Jun 2017
Data classes 16

What happened

In December 2016, more than 200 million "data enrichment profiles" were found for sale on the darknet. The seller claimed the data was sourced from Experian and whilst that claim was rejected by the company, the data itself was found to be legitimate suggesting it may have been sourced from other legitimate locations. In total, there were more than 8 million unique email addresses in the data which also contained a raft of other personal attributes including credit ratings, home ownership status, family structure and other fields described in the story linked to above. The email addresses alone were provided to HIBP.

Exposed data

Buying preferences Charitable donations Credit status information Dates of birth Email addresses Family structure Financial investments Home ownership statuses Income levels Job titles Marital statuses Names Net worths Phone numbers Physical addresses Political donations

Recommended actions

  • Watch for targeted phishing emails referencing Data Enrichment Records โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP