dChan
Anonymous ID: 4a94c1 Oct. 6, 2018, 12:38 a.m. No.3361037   🗄️.is 🔗kun   >>1353 >>1562 >>1718 >>1758

A Recent Startup Breach Exposed Billions of Data Points

 

 

“Apollo is a data aggregator and analytics service aimed at helping sales teams know who to contact, when, and with what message to make the most deals. "No one ever drowned in revenue," the company says on its site. Apollo also claims in its marketing materials to have 200 million contacts and information from over 10 million companies in its vast reservoir of data. That's apparently not just spin. Night Lion Security founder Vinny Troia, who routinely scans the internet for unprotected, freely accessible databases, discovered Apollo's trove containing 212 million contact listings as well as nine billion data points related to companies and organizations. All of which was readily available online, for anyone to access. Troia disclosed the exposure to the company in mid-August.

 

"There is always a high risk for fraud, spam, or other even harmful actions when these types of data sets leak."

Vinny Troia, Night Lion Security

 

As Apollo noted in its letter to customers, it draws a lot of its information from public sources around the web, including names, email addresses, and company contact information. But it also scrapes Twitter and LinkedIn. In fact, the information in the profiles Apollo compiles is so detailed that Troia originally mistook it for a trove from LinkedIn. Some of Troia's methods of investigating the Apollo breach have been called into question, though, particularly that he posted a listing for the exposed LinkedIn data on a dark web marketplace. Troia claims he never planned to actually sell the data, and that he made the post as a ruse to aid other ongoing research.

For its part, LinkedIn issued a firm rebuke. "Our investigation into this claim found that a third-party sales intelligence company that is not associated with LinkedIn was compromised and exposed a large set of data aggregated from a number of social networks, websites, and the company’s own customers," the company said in a statement.”

 

 

https://www.wired.com/story/apollo-breach-linkedin-salesforce-data/