Huge database leak reveals 1.37 billion email addresses, exposes illegal spam operation

“A faulty backup has inadvertently exposed the entire working database of notorious spam operator River City Media (RCM),” Mark Wilson reports for BetaNews. “In all, the database contains more than 1.37 billion email addresses, and for some records there are additional details such as names, real-world addresses, and IP addresses. It’s a situation that’s described as ‘a tangible threat to online privacy and security.'”

“The leaked, and unprotected, database is what’s behind the sending of over a billion spam emails every day,” Wilson reports. “But it’s more than a database that has leaked — it’s River City Media’s entire operation. Business plans, HipChat logs, accounts and much more.”

Wilson reports, “It remains to be seen quite what impact this will have on River City Media’s operations, and whether there will be an immediate reduction in the amount of spam flying to inboxes around the world.”

Read more in the full article here.

MacDailyNews Take: A pox on the RCM firehose of spam!


        1. As with all email lists, some addresses are outdated but a good number may be useful.
          In the end for a spammer, getting new addresses for free that they did not have before will increase their scope. The more addresses, the more likely they will get a hit.
          Sounds like RCM is a major player but obviously not the only one.
          What’s funny is that they revealed everything including their business practices. Someone could be going to jail.

  1. “It remains to be seen quite what impact this will have… whether there will be an immediate reduction in the amount of spam flying to inboxes around the world.”

    I can answer that based on my own Inbox observations. NO!

  2. Details about the leak come courtesy of Chris Vickery from macOS security firm MacKeeper .

    Good Gawd. Chris is an accomplished computer security expert who was hired by Kromtech (who currently own MacKeeper) to clean up their ruined reputation by providing victims/customers with actual computer security (versus the bogus, already built into macOS features built into the OS).

    Judging from the new rash of faked & coerced positive reviews of MacKeeper at the usual places, I personally see of no need to offer MacKeeper the time of day (aka respect). But bravo to Chris Vickery! 😀

  3. So, is this revelation good or bad?

    In the short term, yes. But in the long term, it doesn’t actually make much difference. However, it is terrific to expose River City Media as stinking spam spewing scum. 💩

    The traditional way it works in the world of spamrats is that victim data is collected/scoured from the Internet by a wide variety of evil means. This includes but is not exclusive to:

    A. Spider bots that crawl the Internet searching for email addresses left anywhere. (A victim posts their email somewhere, it’s now public property. So don’t do that). 🕷

    B. Nefarious software sucks up a victim’s address book then sells it to the highest bidders. Such software includes any that phone home to Google Analytics or wicked web browser add-ons (example: Web Of Trust, WOT, was caught doing exactly this). So avoid that. 🕸

    C. A victim signs up for an email list of some sort, from social causes to store announcements. Their email address is then sold off to the highest bidder. So avoid that. 💰

    D. Web groups allow in a bot or spam rat that collects all the member addresses then sells that list to the highest bidder. 💰

    Sometimes the spam rats themselves are involved in nefarious email/victim data collection. But most often they buy it. These lists are easy to find if one is used to The Dark Web, etc. 👺

    So, is the revelation of this list going to cause DIRE SPAM ESCALATION? Yes, in the short term. It means the current spam rats and newbie spam rats get lots of ill gotten goods for freez. But its entirely likely that this entire list was already available on the net for those willing to pay for it.

  4. I have a client that averages 1200-1400 spam and other blocked messages per hour. Today, so far, they are averaging 300. The fire wall is usually at 70% capacity or higher, but today it is at 1%. Keeping my fingers crossed.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.