A spam group "calling themselves River City Media (RCM). Led by known spammers Alvin Slocombe and Matt Ferris" has left backup servers exposed, containing operation critical files, including "a database of 1.4 billion email accounts combined with real names, user IP addresses, and often physical address".
Includes information about how they used a slowloris attack to open a ton of connections to gmail, and force it to process a massive amount of email at once.
As the article rightly points out:>Imagine the privacy and legal implications here. Law enforcement agents normally have to go through a subpoena process before a service provider will hand over the name behind an IP address or account. This list maps out 1.4 billion.
It seems apparent that CoRegistration was a source for these collected email addresses - sites sharing details you provide with third parties. RCM themselves posed as a media company.
It makes me wonder how many other operations like this are out there, and how easy must it be to scrape personal information en masse like this.
Spamhaus has blacklisted RCM's infrastructure.