Public Business Data
Overview
In approximately August 2021, hundreds of gigabytes of business data collated from public sources was obtained and later published to a popular hacking forum. Sourced from a customer of Bureau van Dijk's (BvD) "Orbis" product, the corpus of data released contained hundreds of millions of lines about corporations and individuals, including personal information such as names and dates of birth. The data also included 28M unique email addresses along with physical addresses (presumedly corporate locations), phone numbers and job titles. There was no unauthorised access to BvD's systems, nor did the incident expose any of their or parent company's Moody's clients.
Why did it take so long to report this breach?
What data was compromised:
- Phone numbers
- Email addresses
- Dates of birth
- Physical addresses
- Job titles, Names
Find out if you were involved in this breach
We’ll help you quickly see if your email address was exposed in this breach, and understand what to do next.What to do to protect your personal info
Though passwords weren’t exposed in this breach, there are still steps you can take to better protect your personal info.
- Avoid sharing your phone number
Try to avoid giving out your phone number when signing up for new accounts or services. If a phone number isn’t required, don’t enter it.
- Use an email mask
Giving out your real email address makes it easier for hackers or trackers to find your passwords or target you online. A service like Firefox Relay hides your real email address while forwarding emails to your real inbox.
Try Firefox Relay- Avoid using personal info in PINs
Because your date of birth is easy to find in public records, it’s best to avoid using it in passwords and PINs. People who know your birthday could also very easily guess your PIN.
- Avoid using addresses in passwords
Using addresses or the street where you grew up weaken your passwords. Since it’s easy to find this info publicly, it makes these passwords easy to guess.
- Use unique, strong passwords for every account
Password reuse puts all your accounts at risk. This means that if one password gets exposed, hackers have the keys to many accounts.
- Store passwords in a safe place
Put your login details in a secure place only you can access, such as a password manager. This also makes it easy to keep track of all your different passwords.
- Be cautious about giving out personal information
Don’t hand out personal data if you don’t have to. If you are asked to enter or give out your email address, ZIP code, or phone number, you can say no.
- Update software and apps regularly
Updating your smartphone apps, browsers, and operating systems makes your devices more secure. These updates fix bugs, software vulnerabilities, and security problems.
What is a website breach?
A website data breach happens when cyber criminals steal, copy, or expose personal information from online accounts. It’s usually a result of hackers finding a weak spot in the website’s security. Breaches can also happen when account information gets leaked by accident.
Why did it take so long to report this breach?
It can sometimes take months or years for credentials exposed in a data breach to appear on the dark web. Breaches get added to our database as soon as they have been discovered and verified.