Massive 16TB Corporate Data Leak Exposes Over 4 Billion Records
Researchers from Cybernews uncovered one of the largest publicly exposed datasets ever—a 16TB unprotected database containing over four billion records of professional and corporate data. The leak, discovered on November 23, included detailed LinkedIn profiles, employment histories, and personal information such as full names, phone numbers, job titles, employers, education, skills, social media accounts, and even profile photos.
The data, stored in an unsecured MongoDB instance, appeared to be scraped from public sources over time and across multiple regions. While the database was secured two days after its discovery, the duration of its exposure remains unknown. The incident likely stemmed from human error, a common cause of misconfigured databases lacking proper authentication.
Due to its structured and up-to-date nature, the dataset poses significant risks. Cybercriminals could exploit the information for large-scale phishing campaigns, social engineering attacks, or automated malicious operations—potentially leveraging AI tools like large language models (LLMs) to craft convincing fraudulent messages.
Though collecting publicly available data isn’t illegal, the failure to secure such a vast repository may have legal consequences. The origin of the data and potential accountability for the leak remain unclear.
TPRM report: https://www.rankiteo.com/company/lucidum-inc
"id": "luc1765397886",
"linkid": "lucidum-inc",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Millions of individuals '
'globally',
'industry': 'Data Brokerage/Lead Generation',
'type': 'Corporate/Professional Data Aggregator'}],
'attack_vector': 'Unsecured Database',
'customer_advisories': 'Individuals should update passwords, monitor for '
'phishing attempts, and consider identity theft '
'protection.',
'data_breach': {'number_of_records_exposed': '4+ billion',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (Personally Identifiable '
'Information, Professional Data)',
'type_of_data_compromised': ['Full names',
'Phone numbers',
'LinkedIn URLs and profile '
'handles',
'Position titles',
'Employers',
'Employment histories',
'Education details',
'Degrees',
'Certifications',
'Location data',
'Languages',
'Skills',
'Functions',
'Social media accounts',
'Image URLs (photos)',
'Contract information',
'Corporate relationships']},
'date_detected': '2023-11-23',
'date_resolved': '2023-11-25',
'description': 'An unprotected database was discovered online containing over '
'16 terabytes of professional and corporate data, exposing '
'more than four billion records worth of personal information, '
'including LinkedIn profiles and employment details.',
'impact': {'brand_reputation_impact': 'High (potential for large-scale '
'phishing and social engineering '
'attacks)',
'data_compromised': 'Over 16 terabytes of data, 4+ billion records',
'identity_theft_risk': 'High',
'legal_liabilities': 'Possible (failure to secure data may have '
'legal ramifications)',
'systems_affected': 'MongoDB database instance'},
'investigation_status': 'Ongoing (awaiting details on data collection purpose '
'and accountability)',
'lessons_learned': 'Human error in securing databases can lead to massive '
'data exposure, enabling large-scale phishing and social '
'engineering attacks. Proper authentication and security '
'measures are critical for databases containing sensitive '
'information.',
'post_incident_analysis': {'corrective_actions': 'Database secured, but '
'further investigation '
'needed into data collection '
'practices and '
'accountability.',
'root_causes': 'Human error (unsecured MongoDB '
'instance without proper '
'authentication)'},
'recommendations': ['Update passwords for LinkedIn, email, and financial '
'accounts using a password manager.',
'Be vigilant against phishing and social engineering '
'attacks.',
'Sign up for identity theft protection services.',
'Ensure databases are properly secured with '
'authentication and access controls.',
'Monitor for unauthorized access or data exfiltration.'],
'references': [{'source': 'Cybernews'}, {'source': "Tom's Guide"}],
'response': {'containment_measures': 'Database secured two days after '
'discovery',
'third_party_assistance': 'Cybernews researchers'},
'title': 'Unprotected MongoDB Database Exposes 16TB of Professional and '
'Corporate Data',
'type': 'Data Leak',
'vulnerability_exploited': 'Improper Authentication (MongoDB instance left '
'unsecured)'}