March 10, 2006
Stolen "iBill" data still online
This week, Wired News published a story about a massive security lapse apparently affecting data owned by iBill, the payment processor for many porn sites. But a follow-up article published yesterday reports that the cache of 17-million-plus records may not belong to iBill after all.
iBill officials say a cross-reference of email addresses in the cache, discovered on the Internet by security firms, shows that only three are iBill customers.
So who hemorrhaged all the customer data, if it's not iBill?
If authorities really want to find out, they can start by contacting a spam data-broker known as James Botkin.
As I reported last year, Botkin's company, then known as Optin Supply, Inc., has been offering huge databases for sale to spammers. Among the lists for sale by Botkin last year was one containing 11.9 million records described as "Full iBill Data with CC type."
A sample of the alleged iBill database offered by Botkin is still online, thanks to Archive.org. (Screen grab here.) Among the 1,048 sample records are a couple on people holding what are identified as "Dinner" cards. Presumably this means Diner's Club cards. If so, all of the nearly 12 million iBill records marketed by Botkin may not be from iBill either, since the payment company has told Wired News it doesn't accept Diner's Club cards.
So where do list brokers like Botkin get all this data? Many are apparently cutting deals with e-commerce sites and internet marketing firms for what they call "opt in" data. As I reported in my article last year, the records usually include home addresses, phone numbers, and an IP address corresponding to each list entry as evidence that the customer data was voluntarily provided by visitors to an online store or other web site.
Botkin continues to operates several sites, including onebedroomapartm.com and optinsearchdb.com, from which he sells huge collections of data. Botkin does most of his marketing via the SpecialHam.com spammers forum, where he currently uses the username bigmailmanbig.
Last month, someone started a new thread at SpecialHam.com with the subject "onebedroomapartm.com's list is BAD !!," to which forum regulars chimed in with comments like, "I cant belive you fell for this guy is data is complete usless garbage always has been always will be.. For years everyone has known it."
We may never know where the data reported on by Wired News came from. But my guess is that the big cache may simply be "opt in" data -- perhaps even from the same source that serves James Botkin.
Posted by brian at March 10, 2006 10:39 AM
The IBill data was never sold from the site. It was crap, and was passed to more than 100 people before I even got a small sample of it. So your news story alleging that I passed it around is wrong.
Posted by: James at March 13, 2006 4:55 PM
James, thanks for the information. Sounds like your're saying you never managed to sell the "iBill Data." Contrary to your statement, I didn't imply you (or any other spammer) were the original source of the data. I said you might have information about who was.
Posted by: Brian at March 13, 2006 10:49 PM