ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Data & Leads Data Breach

datanleads.com
Major exposure
Verified breach
Accounts exposed 44,320,330
Breach date 14 Nov 2018
Added to tracker 28 Nov 2018
Data classes 7

What happened

In November 2018, security researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator. Upon further investigation, the data was linked to marketing company Data & Leads. The exposed Elasticsearch instance contained over 44M unique email addresses along with names, IP and physical addresses, phone numbers and employment information. No response was received from Data & Leads when contacted by Bob and their site subsequently went offline.

Exposed data

Email addresses Employers IP addresses Job titles Names Phone numbers Physical addresses

Recommended actions

  • Watch for targeted phishing emails referencing Data & Leads โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP