What happened
According to public breach records, the Data Enrichment Exposure From PDL Customer data breach on October 16, 2019 is reported to have exposed the personal information of 622,161,052 accounts.
In October 2019, security researchers Vinny Troia and Bob Diachenko identified an unprotected Elasticsearch server holding 1.2 billion records of personal data. The exposed data included an index indicating it was sourced from data enrichment company People Data Labs (PDL) and contained 622 million unique email addresses. The server was not owned by PDL and it's believed a customer failed to properly secure the database. Exposed information included email addresses, phone numbers, social media profiles and job history data.
In October 2019, security researchers Vinny Troia and Bob Diachenko discovered an unsecured, internet-facing Elasticsearch server holding roughly 1.2 billion records (over 4 terabytes) accessible without any authentication. The data was identifiable as aggregated profiles built by data-enrichment company People Data Labs (PDL), combining scraped public sources such as LinkedIn and Facebook with names, email addresses, phone numbers, employers, job titles, and social media handles. People Data Labs was not itself breached — the server was not owned by PDL, and researchers concluded a customer holding PDL's enrichment data had failed to secure the database, exposing 622 million unique email addresses.
What data was exposed
The following types of personal data were compromised:
- Email addresses
- Employers
- Geographic locations
- Job titles
- Names
- Phone numbers
- Social media profiles
Breach details
| Detail | Value |
|---|---|
| Breach name | Data Enrichment Exposure From PDL Customer |
| Date | October 16, 2019 |
| Accounts affected | 622,161,052 |
This summary is compiled from public breach-notification data and known leak databases. Figures reflect what those sources report and may be revised as more is learned. If something here looks wrong or you think your information is involved, contact our support team.
We report breaches as a factual record to help people check their exposure. Inclusion here is not an allegation of wrongdoing or negligence by Data Enrichment Exposure From PDL Customer; it reflects a publicly reported security incident.
What to do now
Based on the data exposed in this breach, here are the steps you should take:
- Treat the exposed email addresses and phone numbers as permanently public — be skeptical of unsolicited emails, calls, and texts, and never act on links or requests for credentials that arrive out of the blue.
- Because employers, job titles, and social media profiles were aggregated together, watch for highly personalized spear-phishing and pretexting that references your real job or workplace to seem legitimate.
- Lock down the privacy settings on LinkedIn, Facebook, and other social accounts and limit publicly visible contact details, since the dataset was assembled largely from scraped public profiles.
- Enable two-factor authentication on email and key accounts so that an exposed address alone cannot be leveraged into account takeover.
Check your exposure
Data breaches are one of the ways your personal information ends up on data broker sites. Run a free scan to see which sites are exposing your personal data — and take action to remove it.
Sources
- Have I Been Pwned: Data Enrichment Exposure From PDL Customer
- Data on 1.2 Billion Users Found in Exposed Elasticsearch Server - SecurityWeek