230 Million Records Belonging to US Citizens for Sale on Database Sharing Platform
April 26, 2021
Email Address, Mobile number, Address, Income
Discovery of the Leak
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a surface web database marketplace, advertising the data of 230 million records belonging to US citizens.
The post was published on 22 April 2021. The poster claims that the 263 GB file contains 59 million unique email addresses and has highlighted that the leak does not contain any passwords.
Contents of the Leak
The leaked database contains the following data fields:
There are 59 million unique emails present in the database are distributed across the following domains:
Data Verification and Validation
The sample data is currently being validated. Multiple other actors on the forum have claimed this data is part of the SolarWinds attack.
Another threat actor has posted a thread advertising SolarWinds/ NSA data. The data schema of the second actor’s post matches that of the original poster. However, the original threat actor has denied these claims, referring to them as conspiracies.