ShellCodeX Breach Report
Data & Leads Data Breach
datanleads.com
Verified breach
Accounts exposed
44,320,330
Breach date
14 Nov 2018
Added to tracker
28 Nov 2018
Data classes
7
What happened
In November 2018, security researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator. Upon further investigation, the data was linked to marketing company Data & Leads. The exposed Elasticsearch instance contained over 44M unique email addresses along with names, IP and physical addresses, phone numbers and employment information. No response was received from Data & Leads when contacted by Bob and their site subsequently went offline.
Exposed data
Email addresses
Employers
IP addresses
Job titles
Names
Phone numbers
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing Data & Leads โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP