-
Data stolen from a ClearVoice Surveys database back in 2015 and published online in 2021 has now resurfaced, dragging old wounds into the spotlight.
-
The data leak exposed 18.1 million accounts—passwords, addresses, etc.
-
ClearVoice admitted the breach, tightened up security, and now they’re facing a lawsuit for letting user data slip through the cracks.
A huge pile of user data that got stolen years ago is back in the news. The information is deeply personal and dangerous. It puts millions of people at immediate risk of identity theft and fraud.
Details of the Data Leak
A member of a dark web forum recently posted about a huge database backup. The data came from ClearVoice Surveys’ marketing platform and leaked online in 2021.
This wasn’t a new hack. The backup itself was from August 2015. It contained a stunning amount of user information.
In total, data from 18.1 million accounts was exposed. The leak included over 17 million rows of data. Each row contained multiple pieces of personal information.
This stolen info is a jackpot for criminals. It has names, genders, emails, phone numbers, home addresses, even IP addresses, and worst of all, birthdays and passwords. Such comprehensive personal information fuels a thriving dark web economy, where the value of different data types fluctuates based on demand—similar to the recent surge in prices for stolen Korean credit card details on these same markets.
The attackers didn’t encrypt the passwords at all, leaving them completely unprotected. This means anyone with the database can read them directly. It is a major security failure.
Company Response and Legal Repercussions
ClearVoice Surveys responded after the 2021 leak. The company advised that they were aware of the breach. They verified that the data was real.
The company fixed things by removing malware and backdoors and made their security better.
ClearVoice Surveys worked with security professionals to check things out. The company let the people affected know and told them to change their passwords just to be safe. This same database actually showed up on Have I Been Pwned back in April 2021, so anyone can check there to see if their info’s on the list.
Meanwhile, this incident led to a lawsuit – Merchant Law Group LLP filed a class action suit, claiming ClearVoice Surveys didn’t do enough to protect the sensitive personal info of users online.
The law firm is urging affected individuals to join the suit. The purpose of this class action lawsuit is to uncover the truth behind the data leak.
How to Stay Safe
If you think a data leak may have affected you, take these steps to stop things from getting worse:
First, check Have I Been Pwned to see if your information has been exposed. If it is, change your ClearVoice Surveys password right away! Pretend your old one’s public. Make a new, strong one you’ve never used.
Next, and this is key, change your passwords on other accounts, too –especially if you used the same one.
Hackers try to steal info of tons of sites. This kind of credential reuse is exactly what fuels larger breaches, such as when thousands of WordPress admin credentials are exposed and sold, allowing attackers to hijack entire websites. Don’t let them into your email or bank. Turn on two-factor authentication (2FA) everywhere possible, starting with email and money accounts. This really helps block logins.
Phishing scams are all over the place now, so there’s a need to be watchful. With your name, email, and number are out there, watch out for phishing.
Heads up—if you get some sketchy text, call, or email about your old account, don’t just trust it, even if they drop your name or whatever. Scammers like creating a false emergency (it’s one of their tricks), so if someone’s all “ACT NOW OR ELSE,” just chill for a sec – chances are it’s all lies.
Just don’t click those links in emails or texts. Stay away from any links attached to such emails or messages. Think an alert might be real? Go straight to the company’s website in your browser and verify it yourself there instead.
