TZUTC: -0500
MSGID: 1825.consprcy@1:2320/105 2da168d7
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
16TB of corporate intelligence data exposed in one of the largest
lead-generation dataset leaks

Date:
Thu, 11 Dec 2025 11:25:00 +0000

Description:
We've just witnessed the mother of all leaks as researchers found an
unprotected behemoth database.

FULL STORY

 - Researchers found an unprotected 16TB MongoDB database exposing nearly two
billion PII-filled records
 - Data likely scraped from LinkedIn and Apollo.io, tied to a possible
leadgen company
 - Database was secured after disclosure, but exposure duration and malicious
access remain unknown

More than 16 terabytes of professional and corporate intelligence data,
including personally identifiable information (PII), was sitting in an
unprotected database, available to anyone who knew where to look. 

This is according to cybersecurity researchers at Cybernews who found the
database and described it as one of the largest lead-generation datasets to
have ever leaked. 

Despite the risks and the disruptive potential, unprotected databases remain
one of the most common causes of data leaks. In this instance, the 
researchers found a MongoDB database with almost 4.3 billion documents. 

Personally identifiable information

The documents were split into nine collections, labeled intent, profiles,
people, sitemap, and companies - among others. This structure led the
researchers to believe that the database was likely scraped, possibly from
LinkedIn and Apollo.io (an AI sales platform). 

Of the nine collections, at least three contained personally identifiable
information. These collections, holding almost two billion files, exposed
peoples names, emails, phone numbers, LinkedIn URLs and profile handles,
position titles, employers, employment history, education, degrees and
certifications, location data, languages, skills, functions, social media
accounts, image URLs, email confidence scoring, and Apollo IDs. 

One of the collections also had peoples photographs. All of the PII exposed
put users at serious risk of identity theft or fraud. 

Cybernews says it could not attribute the database to a specific entity
without reasonable doubt, but said that it did find clues pointing to a lead
generation company. 

The company helps businesses find and connect with potential customers,
providing access to a large-scale B2B database of leads that strongly
correlates with the type of information included in the exposed database, the
report states. The researchers reached out to that company, and while they 
did not get confirmation of ownership, the database was locked down two days
later. 

It is also unknown for how long the instance remained open, or if a malicious
actor accessed it before, but its certainly possible. 

 Via Cybernews 

======================================================================
Link to news story:
https://www.techradar.com/pro/security/16tb-of-corporate-intelligence-data-exp
osed-in-one-of-the-largest-lead-generation-dataset-leaks

$$
--- SBBSecho 3.28-Linux
 * Origin: Capitol City Online (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 134 206 300 307 317 400 426 428 470
SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426