ShellCodeX Breach Report
Verifications.io Data Breach
verifications.io
Verified breach
Accounts exposed
763,117,241
Breach date
25 Feb 2019
Added to tracker
09 Mar 2019
Data classes
10
What happened
In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed. Many records within the data also included additional personal attributes such as names, phone numbers, IP addresses, dates of birth and genders. No passwords were included in the data. The Verifications.io website went offline during the disclosure process, although an archived copy remains viewable.
Exposed data
Dates of birth
Email addresses
Employers
Genders
Geographic locations
IP addresses
Job titles
Names
Phone numbers
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing Verifications.io โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP