Oct 112016

Update of Oct. 18: a vendor on the dark web has seemingly put the database up for sale for $200. The listing says:

58,848,308 ModBSolutions.com no passwords Business 2016-10
contains field

Note that MBS never responded to my courtesy notification, never responded to a request for a statement as to what they were doing in response to the leak, and then removed their phone number from their web site to make it harder for upset consumers to contact them? I hope the Federal Trade Commission is paying attention to this one. As consumers, you can file a complaint with the FTC using their online complaint form. You should probably check the “other” category and then explain how your data were caught up in this incident and any attempts you made to get a response from the company.

Original Post:

RBS reports:

Much has been written about the dangers of poorly secured MongoDB databases among others. Despite the many warnings, millions of records have been lost due to misconfigurations in this database software. Now we have yet another massive database leak has been uncovered related to an insecure MongoDB installation, exposing at least 58 million subscriber records.

Twitter user @0x2Taylor posted exfiltrated data on the file sharing site MEGA twice over the weekend, each time resulting in the data being taken down very quickly. The data was then released for a third time on a smaller file sharing website.  After analyzing the dataset, we can confirm that nearly 58 million records contain full names, IP addresses, dates of birth, email addresses, vehicle data, and occupations were included in the leak.

Read more on RiskBasedSecurity, who note that ModB may have dodged a serious bullet, because there was another table with 258 million records that were being downloaded or accessed when the entire bucket was pulled offline.

As of today, ModB has not responded to this site’s original notification to them, alerting them to the leak. Nor have they responded to an inquiry asking them for a comment or what they intended to do about 58 million people having their PII exposed.

Update 1, Oct. 12: ModB still has not responded to this site’s communications. But I see people are commenting under this post that they’ve been notified their data was caught up in this. WHO is notifying you, though? Is it ModB or some site like HaveIBeenPwned?

Update 2: Okay, it looks like it is HaveIBeenPwned.com doing some notifications. They posted this to Twitter:


  53 Responses to “Modern Business Solutions’ leaky bucket provided a field day for downloaders”

  1. Emerson Smith appears to be founder of Modern and registered Hardwell data site http://bgp.he.net/dns/hardwelldata.com#_whois

  2. I was notified my info was in this file. However I have never heard of this company. Any suggestions on how to protect myself?

    • Who notified you that your data was in the file?

        • Thanks, but if people are being notified, I’m not interested in guesses. I’d like to know with certainty as to who’s alerting people.

          Just got confirmation that it’s HaveIBeenPwned.com alerting people.

      • My name is Jeff, LifeLock notified me. I’ve never even heard of MBSolitions.

        • Same here. Lifelock notified me and I have no idea who these guys are

        • LifeLock notified me on Oct 21, 2016 that modbsolutions.com was the source of information stolen and then used, ‘on the dark web.’ The only intersection I can find between myself and this web site is that DropBox.com has used Modern Business Solutions for cloud storage. I cannot find where in the dark web my info was used, but another site reported 394 searches for info on me subsequent to the breach. I have even received ‘senderless’ emails that were TXT extracts from PDF files that I had sent as attachments. Somebody id doing rip&strip on my emails! 🙁

  3. I’ve never heard of these tosspots. They had my data – why and how exactly?

  4. Same here, never heard of that company. Any suggestions how to follow up on this?

  5. I was notified by haveibeenpwned today. Never heard of the company. Have asked them where they got my data from. Interesting that their email address is a person. And that although they have a UK address their phone number is in Turkey!

  6. Would love to know as well. Typically, the advice is to change your passwords. This time, they have vital personal information. Can’t just move, sell my car, or change jobs with this hack…

  7. Same here. Got a notification from haveibeenpawnd, but have never heard of this site, nor have I visited it. So being told to go there and reset my password is useless, as I don’t have an account there.

  8. I was notified via https://haveibeenpwned.com/. I’m interested in finding exactly what info was leaked for me in particular.. is there some way to find out?

  9. I was notified by haveibeenpwned as well. I tried going to the business website but the page wouldn’t open.

    • looks like they might be a online recruitment firm, which explains all the personal info from CVs perhaps

  10. I’d be interested to know what information actually was leaked.

    I can see that it could be “full names, IP addresses, dates of birth, email addresses, vehicle data, and occupations”, but I’d rather know for sure so I can manage risk.

  11. I too was notified by https://haveibeenpwned.com/
    I had never heard of the company either and have emailed them asking on what basis they were holding my information. Interesting to see if I receive any sort of reply but I’m not holding my breath given their lack of comment so far.

    Anyway from their website it looks like Modern Business Solutions hold data for companies such as Jobsite, Monster, Reed, Total Jobs, Career Builder, Money Jobs, City Jobs, Oil Careers.

  12. Likewise, notified by haveibeenpwned… if they have information on my vehicle, I’m assuming a vehicle related finance service uses this database management as a third party service? More details would be helpful in order to understand what I can do about the breach.

  13. Well, good to see some have found Modern Business Solutions on LinkedIn. Too bad the negative comments were left for the USA subsidiary in Texas and no one followed it back to the corporate headquarters in India. Yeah, my data was also breached.

    MODERN BUSINESS SOLUTIONS is a PEO (Professional Employer Organisation), providing you the avenue to outsource services related to HR, Legal, Admin and Property Mgmt.

    MBS is an established services provider in western India, registering more than 250% growth record since 2004. In an extremely competitive market dominated by large global giants and national companies, we have marked a dominating footprint using innovative practices, local awareness and speedy systems.

    Staffing and Recruiting
    Privately Held
    Raja Complex, Vijay Cross Roads, Navrangpura Ahmedabad, Gujarat 380009 India

    • Looks like that’s a different company, just with the same name. Different logo, even.

      • No, they do the same thing. Parent company is in India. Modern Business Solutions has offices located all over the US. Your information was probably added to the database if you applied for a job and they did a background check, or you put in an application for a property rental. Anything that required a background check and where the company used Modern Business Solutions.

        Again, parent company is in India.

        Sorry, I’ve worked in the legal field for over 30 years. It’s not that difficult to follow these corporations to the home office even if it is out of country.

        • I don’t care how long you’ve worked in any field. You didn’t see the records showing ownership of the company that some of us saw. You’re on the wrong company. I won’t approve any more messages from you like this as you’re only misleading people.

  14. I also was notified by haveibeenpwned. Usually changing your password is recommended, however, this is obviously not an option upon further research. How do those of us affected protect our personal info?

  15. I tried to get in touch with Modern Business Solutions. I’d like to to know why they had any of my PII in the first place. I also would like to hold them accountable for allowing my personal information to get stolen and eventually leaked online.

    The phone number on their website is disconnected. The street address looks like it goes to a strip mall in Austin, Texas.

  16. I found a record there with my email. The “creation date” tracks back to PayU!
    Very interesting…

  17. I would like to make an alliance people. We we’re victims of a breach and nobody is paying the price for it. We demand justice. I believe this whole thing was a conspiracy. I am a hardworking honest American and thus shouldn’t be happening to me or anyone else. Serious people email me at [deleted by moderator]. we have to stand up for each other to get what we want!

    Moderator’s note: This site does not permit solicitations or requests for people to contact them.

    • Exactly who is controlling this website. Im starting to think that everything is controlled this whole thing was planned.

      • I am controlling the web site. And the home page for this site has a section in the sidebar on commenting policy that says don’t include your contact info, and that if you do, it may be removed. You probably didn’t read it before submitting your comment.

  18. so this website is here to make us feel better that it

    • This site is here to inform its readers and to allow commenters to share information they’ve acquired that might help others in the same boat. Many people have told me I shouldn’t allow comments at all, but I prefer to let readers share information that may help others, or to ask for more information or help if they need it.

      I’ve already tried to flag this incident to the Federal Trade Commission and to the UK Information Commissioner’s Office to suggest they investigate this incident and Modern Business Solutions’ incident response, which so far, has been nonexistent as far as I can see. Not only did they not respond to my phone call and several emails alerting them to their problem(s), but they actually removed their phone number from their web site and changed their web site’s content.

      So if you want to do something other than criticize this site, then do it, and share with others what steps you’ve taken in response to this incident. But don’t post your personal info or links to any lawyers, because neither is allowed. You don’t like my site’s policy on comments? You’re free to go post elsewhere.

  19. LifeLock notified me today that ModB leaked my email information to the Deep Web, the Dark Web or the Peer-to-Peer Networks.I am curious because I recently was notified of a possible breach of my LinkedIn account. I changed my Linked In password and my email password. I hope that takes care of the situation.

    • I hope you’re not re-using email passwords across sites. If you are, start changing them, and use strong passwords. There are many more hacks and leaks than we hear about until months or years later. In the meantime, criminals are using/misusing the information. In ModB case, they failed to secure a database, a hacker noticed it and downloaded it – and then announced it publicly and others also downloaded it… and then put it all up for sale on the dark web.

  20. I was notified by LifeLock. I tracked down the website which I believe was FormSwift or Printable Paper when I downloaded some forms.

  21. Lifelock notified me. I have never had direct contact with modbsolutions. Two of my doctors have initiated online access for patients to review their medical records. Could that portal be involved in this breach?

  22. I was also notified by LifeLock on Oct 21. I have not applied for any job in years. I am not aware of any association with Modbsolutions. I do not know what information has been revealed.

    Today I received a text message from [email protected] which is an obvious scam. I can only assume this is related to the Modbsolutions breach. I have submitted the text information as a complaint to the FTC, but I cannot see how to submit a complaint about the data breach by Modbsolutions.

    • Use the “other” category in the complaint assistant to get started. Eventually, you’ll get to a screen where you can tell them what your complaint is. It would be nice, given so many breaches, if FTC actually provided a specific category to complain about breaches.

  23. My father received notification today of my information being up online on the “dark web”, however I did not receive anything. I have no idea what Modbsolutions is even about, I haven’t applied for a job in like 5 years. This is awful.

  24. I was notified by LifeLock….never heard of site. I had ordered supplies for my son’s wedding. I will start tracking down those sites. What a pain!

  25. I was notified by Lifelock a few days ago. I looked at their website, trying to figure out who had my info, and noticed the physical address. I live in Austin where this company claims to office. My wife owns a retail store in the shopping center they claim to office out of. They are not a tenant there and the suite numbering is done different. Looked shady to me and upon looking more found the forum here. Call them and straight to voicemail with no identification.

  26. I was notified by LifeLock… And honestly LifeLock was worthless my Bank USAA much more helpful!

  27. I was notified by Lifelock. What do I do about it????

  28. I was notified by Life lock. what is the next step to clearing this up.

Sorry, the comment form is closed at this time.