To give you a sense of River City’s scope and scale, some of the documents left exposed by the hack detail that on a single day of operation, the company was responsible for sending out emails to more than 18 million messages to Gmail users and 15 million messages to AOL users, netting them a little over $36,000. That amounts to more than thirteen million dollars over the course of the year.
The database exposed by the breach was found by security researchers Chris Vickery and Steve Ragan of MacKeeper and CSOOnline, respectively, who discovered it on an open server without the benefit of even rudimentary password protection. It was literally sitting in plain sight, for all the world to see.
Not only did it contain a great deal of proprietary information about how the company is run, but also included some 1.4 billion user records containing email addresses, passwords, physical addresses, phone numbers, IP addresses and more.
Given the sheer size of the database, odds are good that your name is on it. Even if it isn’t, it’s almost a certainty that you know someone whose name is on it.
Needless to say, in light of this discovery, it’s time to change your passwords again. All of them. And if you’re one of the multitude of users still logging in with the same password across multiple websites, it’s well past time to change your approach. As this breach demonstrates, it’s just a matter of time before you fall victim to identity theft.