Apparently, the breach was first discovered on September 18 by Bob Diachenko, CEO of security company Security Discovery.
While the database is adequately secured now, at the time of the attack, over 3.8 billion user data was left unattended online making it accessible to anyone.
It is important to note that each one of the stolen passwords and email addresses in this database actually came from earlier data breaches. Although this is likely that this leak also impacts non-customers, it appears that DarkBeam has been gathering this data to notify its customers about potential data breaches.
These kinds of releases are frequently the result of hacking, as has earlier been observed with the most recent TMX Finance data breach.
However, this does not appear to be the case this time. As Diachenko notes, human mistakes can lead to data leaks like this one, such as when a worker forgets to password-protect a sizable database containing critical information.
Even if a user has not heard of DarkBeam before, it is very possible that his login credentials are not exposed, since this leak includes usernames and passwords from both reported and unreported data breaches.
To address the matter, DarkBeam spokesperson released a statement, saying:
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.