Modern Business Solutions’ leaky bucket provided a field day for downloaders

Update of Oct. 18: a vendor on the dark web has seemingly put the database up for sale for $200. The listing says:

58,848,308 ModBSolutions.com no passwords Business 2016-10
contains field
“email”,”gender”,”zip,”state”,”city”,”address”,”last_name”,”first_name”,”updatedate”,”job”

Note that MBS never responded to my courtesy notification, never responded to a request for a statement as to what they were doing in response to the leak, and then removed their phone number from their web site to make it harder for upset consumers to contact them? I hope the Federal Trade Commission is paying attention to this one. As consumers, you can file a complaint with the FTC using their online complaint form. You should probably check the “other” category and then explain how your data were caught up in this incident and any attempts you made to get a response from the company.

Original Post:

RBS reports:

Much has been written about the dangers of poorly secured MongoDB databases among others. Despite the many warnings, millions of records have been lost due to misconfigurations in this database software. Now we have yet another massive database leak has been uncovered related to an insecure MongoDB installation, exposing at least 58 million subscriber records.

Twitter user @0x2Taylor posted exfiltrated data on the file sharing site MEGA twice over the weekend, each time resulting in the data being taken down very quickly. The data was then released for a third time on a smaller file sharing website.  After analyzing the dataset, we can confirm that nearly 58 million records contain full names, IP addresses, dates of birth, email addresses, vehicle data, and occupations were included in the leak.

Read more on RiskBasedSecurity, who note that ModB may have dodged a serious bullet, because there was another table with 258 million records that were being downloaded or accessed when the entire bucket was pulled offline.

As of today, ModB has not responded to this site’s original notification to them, alerting them to the leak. Nor have they responded to an inquiry asking them for a comment or what they intended to do about 58 million people having their PII exposed.

Update 1, Oct. 12: ModB still has not responded to this site’s communications. But I see people are commenting under this post that they’ve been notified their data was caught up in this. WHO is notifying you, though? Is it ModB or some site like HaveIBeenPwned?

Update 2: Okay, it looks like it is HaveIBeenPwned.com doing some notifications. They posted this to Twitter:

 

About the author: Dissent

53 comments to “Modern Business Solutions’ leaky bucket provided a field day for downloaders”

You can leave a reply or Trackback this post.
  1. Regret - October 11, 2016

    Emerson Smith appears to be founder of Modern and registered Hardwell data site http://bgp.he.net/dns/hardwelldata.com#_whois

  2. Kim - October 12, 2016

    I was notified my info was in this file. However I have never heard of this company. Any suggestions on how to protect myself?

    • Dissent - October 12, 2016

      Who notified you that your data was in the file?

      • Dan - October 12, 2016

        Probably a service like https://haveibeenpwned.com

        • Dissent - October 12, 2016

          Thanks, but if people are being notified, I’m not interested in guesses. I’d like to know with certainty as to who’s alerting people.

          Just got confirmation that it’s HaveIBeenPwned.com alerting people.

          • WhatIsMBSanyways? - October 12, 2016

            I was alerted by HaveIBeenPwned via email this morning. I’m looking for more info on what happened, however now it’s time for work…

          • Matthew Stokes - October 20, 2016

            I was notified by Life Lock and have no idea who they are???

          • Anonymous - October 20, 2016

            LifeLock advised me. If that helps you “Dissent”

          • Dissent - October 20, 2016

            Yeah, I contacted them on Twitter earlier to ask how they got the data/info and if they were only notifying subscribers/members.

          • James Casebier - October 27, 2016

            I was notified by Life Lock.. I do not recognize this company.

      • Anonymous - October 20, 2016

        My name is Jeff, LifeLock notified me. I’ve never even heard of MBSolitions.

        • Scott - October 20, 2016

          Same here. Lifelock notified me and I have no idea who these guys are

          • J2S - October 21, 2016

            J2S:

            hello, I was notified by lifelock at 11:40 pm on Oct 20 2016

        • DaHai - October 25, 2016

          LifeLock notified me on Oct 21, 2016 that modbsolutions.com was the source of information stolen and then used, ‘on the dark web.’ The only intersection I can find between myself and this web site is that DropBox.com has used Modern Business Solutions for cloud storage. I cannot find where in the dark web my info was used, but another site reported 394 searches for info on me subsequent to the breach. I have even received ‘senderless’ emails that were TXT extracts from PDF files that I had sent as attachments. Somebody id doing rip&strip on my emails! 🙁

  3. Geneva - October 12, 2016

    I’ve never heard of these tosspots. They had my data – why and how exactly?

  4. Dan - October 12, 2016

    Same here, never heard of that company. Any suggestions how to follow up on this?

  5. Paul - October 12, 2016

    I was notified by haveibeenpwned today. Never heard of the company. Have asked them where they got my data from. Interesting that their email address is a person. And that although they have a UK address their phone number is in Turkey!

    • Darren - October 17, 2016

      They are totaljobs.com

  6. Vee - October 12, 2016

    Would love to know as well. Typically, the advice is to change your passwords. This time, they have vital personal information. Can’t just move, sell my car, or change jobs with this hack…

  7. Jen - October 12, 2016

    Same here. Got a notification from haveibeenpawnd, but have never heard of this site, nor have I visited it. So being told to go there and reset my password is useless, as I don’t have an account there.

  8. foips - October 12, 2016

    I was notified via https://haveibeenpwned.com/. I’m interested in finding exactly what info was leaked for me in particular.. is there some way to find out?

  9. Kim - October 12, 2016

    I was notified by haveibeenpwned as well. I tried going to the business website but the page wouldn’t open.

    • Dave - October 12, 2016

      looks like they might be a online recruitment firm, which explains all the personal info from CVs perhaps

  10. Ollie - October 12, 2016

    I’d be interested to know what information actually was leaked.

    I can see that it could be “full names, IP addresses, dates of birth, email addresses, vehicle data, and occupations”, but I’d rather know for sure so I can manage risk.

  11. Prata - October 12, 2016

    I too was notified by https://haveibeenpwned.com/
    I had never heard of the company either and have emailed them asking on what basis they were holding my information. Interesting to see if I receive any sort of reply but I’m not holding my breath given their lack of comment so far.

    Anyway from their website it looks like Modern Business Solutions hold data for companies such as Jobsite, Monster, Reed, Total Jobs, Career Builder, Money Jobs, City Jobs, Oil Careers.

    • Stephen - October 14, 2016

      Looks like your right about data held for Monster etc, my email was only used for job hunting.

  12. Brenden - October 12, 2016

    Likewise, notified by haveibeenpwned… if they have information on my vehicle, I’m assuming a vehicle related finance service uses this database management as a third party service? More details would be helpful in order to understand what I can do about the breach.

  13. Mary - October 12, 2016

    Well, good to see some have found Modern Business Solutions on LinkedIn. Too bad the negative comments were left for the USA subsidiary in Texas and no one followed it back to the corporate headquarters in India. Yeah, my data was also breached.

    MODERN BUSINESS SOLUTIONS is a PEO (Professional Employer Organisation), providing you the avenue to outsource services related to HR, Legal, Admin and Property Mgmt.

    MBS is an established services provider in western India, registering more than 250% growth record since 2004. In an extremely competitive market dominated by large global giants and national companies, we have marked a dominating footprint using innovative practices, local awareness and speedy systems.

    Website
    http://www.mbsindia.net
    Industry
    Staffing and Recruiting
    Type
    Privately Held
    Headquarters
    Raja Complex, Vijay Cross Roads, Navrangpura Ahmedabad, Gujarat 380009 India

    • Dissent - October 12, 2016

      Looks like that’s a different company, just with the same name. Different logo, even.

      • Mary - October 12, 2016

        No, they do the same thing. Parent company is in India. Modern Business Solutions has offices located all over the US. Your information was probably added to the database if you applied for a job and they did a background check, or you put in an application for a property rental. Anything that required a background check and where the company used Modern Business Solutions.

        Again, parent company is in India.

        Sorry, I’ve worked in the legal field for over 30 years. It’s not that difficult to follow these corporations to the home office even if it is out of country.

        • Dissent - October 12, 2016

          I don’t care how long you’ve worked in any field. You didn’t see the records showing ownership of the company that some of us saw. You’re on the wrong company. I won’t approve any more messages from you like this as you’re only misleading people.

  14. Amy - October 12, 2016

    I also was notified by haveibeenpwned. Usually changing your password is recommended, however, this is obviously not an option upon further research. How do those of us affected protect our personal info?

  15. Rick - October 12, 2016

    I tried to get in touch with Modern Business Solutions. I’d like to to know why they had any of my PII in the first place. I also would like to hold them accountable for allowing my personal information to get stolen and eventually leaked online.

    The phone number on their website is disconnected. The street address looks like it goes to a strip mall in Austin, Texas.

    • Dissent - October 12, 2016

      The 800 number is disconnected? It was working over the weekend when I first called them to alert them to the leak. Interesting.

  16. dw - October 12, 2016

    I found a record there with my email. The “creation date” tracks back to PayU!
    Very interesting…

  17. Taylor Wynn - October 20, 2016

    I would like to make an alliance people. We we’re victims of a breach and nobody is paying the price for it. We demand justice. I believe this whole thing was a conspiracy. I am a hardworking honest American and thus shouldn’t be happening to me or anyone else. Serious people email me at [deleted by moderator]. we have to stand up for each other to get what we want!

    Moderator’s note: This site does not permit solicitations or requests for people to contact them.

    • Taylor Wynn - October 21, 2016

      Exactly who is controlling this website. Im starting to think that everything is controlled this whole thing was planned.

      • Dissent - October 21, 2016

        I am controlling the web site. And the home page for this site has a section in the sidebar on commenting policy that says don’t include your contact info, and that if you do, it may be removed. You probably didn’t read it before submitting your comment.

  18. Anonymous - October 21, 2016

    so this website is here to make us feel better that it

    • Dissent - October 21, 2016

      This site is here to inform its readers and to allow commenters to share information they’ve acquired that might help others in the same boat. Many people have told me I shouldn’t allow comments at all, but I prefer to let readers share information that may help others, or to ask for more information or help if they need it.

      I’ve already tried to flag this incident to the Federal Trade Commission and to the UK Information Commissioner’s Office to suggest they investigate this incident and Modern Business Solutions’ incident response, which so far, has been nonexistent as far as I can see. Not only did they not respond to my phone call and several emails alerting them to their problem(s), but they actually removed their phone number from their web site and changed their web site’s content.

      So if you want to do something other than criticize this site, then do it, and share with others what steps you’ve taken in response to this incident. But don’t post your personal info or links to any lawyers, because neither is allowed. You don’t like my site’s policy on comments? You’re free to go post elsewhere.

  19. Judy - October 21, 2016

    LifeLock notified me today that ModB leaked my email information to the Deep Web, the Dark Web or the Peer-to-Peer Networks.I am curious because I recently was notified of a possible breach of my LinkedIn account. I changed my Linked In password and my email password. I hope that takes care of the situation.

    • Dissent - October 21, 2016

      I hope you’re not re-using email passwords across sites. If you are, start changing them, and use strong passwords. There are many more hacks and leaks than we hear about until months or years later. In the meantime, criminals are using/misusing the information. In ModB case, they failed to secure a database, a hacker noticed it and downloaded it – and then announced it publicly and others also downloaded it… and then put it all up for sale on the dark web.

  20. Patricia - October 21, 2016

    I was notified by LifeLock. I tracked down the website which I believe was FormSwift or Printable Paper when I downloaded some forms.

  21. Fred - October 21, 2016

    Lifelock notified me. I have never had direct contact with modbsolutions. Two of my doctors have initiated online access for patients to review their medical records. Could that portal be involved in this breach?

  22. VLF - October 23, 2016

    I was also notified by LifeLock on Oct 21. I have not applied for any job in years. I am not aware of any association with Modbsolutions. I do not know what information has been revealed.

    Today I received a text message from [email protected] which is an obvious scam. I can only assume this is related to the Modbsolutions breach. I have submitted the text information as a complaint to the FTC, but I cannot see how to submit a complaint about the data breach by Modbsolutions.

    • Dissent - October 23, 2016

      Use the “other” category in the complaint assistant to get started. Eventually, you’ll get to a screen where you can tell them what your complaint is. It would be nice, given so many breaches, if FTC actually provided a specific category to complain about breaches.

  23. Not Happy - October 23, 2016

    My father received notification today of my information being up online on the “dark web”, however I did not receive anything. I have no idea what Modbsolutions is even about, I haven’t applied for a job in like 5 years. This is awful.

  24. Linda - October 25, 2016

    I was notified by LifeLock….never heard of site. I had ordered supplies for my son’s wedding. I will start tracking down those sites. What a pain!

  25. William - October 26, 2016

    I was notified by Lifelock a few days ago. I looked at their website, trying to figure out who had my info, and noticed the physical address. I live in Austin where this company claims to office. My wife owns a retail store in the shopping center they claim to office out of. They are not a tenant there and the suite numbering is done different. Looked shady to me and upon looking more found the forum here. Call them and straight to voicemail with no identification.

  26. Kathleen - October 26, 2016

    I was notified by LifeLock… And honestly LifeLock was worthless my Bank USAA much more helpful!

  27. Patricia Black - October 27, 2016

    I was notified by Lifelock. What do I do about it????

    • Dissent - October 27, 2016

      What you do depends on what info on you was in their database. Did LifeLock tell you that specifically?

  28. Anonymous - October 28, 2016

    I was notified by Life lock. what is the next step to clearing this up.

Comments are closed.