Contact management and networking app.
In February 2020, a large trove tracked as "db8151dd" was found exposed on a publicly facing Elasticsearch server and later confirmed by the contact-management app Covve as coming from a legacy, decommissioned system. It contained roughly 103 million records covering about 22 million individuals, including names, job titles, email addresses, phone numbers, and physical addresses. Many affected people were third-party contacts stored/enriched by Covve users rather than Covve customers. The data was provided to Have I Been Pwned.
ObscureIQ assessment: High risk because the platform may expose not just the user, but their broader contact network. Exposure enables phishing, relationship mapping, executive targeting, and social-graph exploitation.
Because Covve enriched and stored contact records for people who were merely in users' address books (not Covve users themselves), the exposure affected millions of third parties with no direct relationship to the app. Exposed names, job titles, emails, phones, and addresses enable targeted phishing, business-themed social engineering, and doxxing.
Covve is a contact-management / smart-address-book app (developed in Cyprus) that helps users organize professional contacts and enriches contact records with data gathered from the internet.
Contact-management apps collect personal and professional contact records, emails, phone numbers, notes, network relationships, and account data tied to address-book organization and networking workflows.
In February 2020, an exposed publicly facing Elasticsearch database (initially tracked as "db8151dd") was found and later confirmed by Covve as originating from a legacy, decommissioned system. It contained ~103 million records covering about 22 million people.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Database Exposure.
If you believe your information may be included:
In February 2020, a large trove tracked as "db8151dd" was found exposed on a publicly facing Elasticsearch server and later confirmed by the contact-management app Covve as coming from a legacy, decommissioned system. It contained roughly 103 million records covering about 22 million individuals,…
Verified fields include Email Address, Full Name, Job Information, Phone Number, Physical Address, Social Media Profile.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation