Marketing Firm Leaked Database With 340 Million Records
And now there's also a good chance that whatever information the company has about you, it recently leaked onto the public internet, available to any hacker who simply knew where to look.
Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses.While the precise number of individuals included in the data isn't clearand the leak doesn't seem to contain credit card information or Social Security numbersit does go into minute detail for each individual listed, including phone numbers, home addresses, email addresses, and other highly personal characteristics for every name.
"It seems like this is a database with pretty much every US citizen in it," says Troia, who is the founder of his own New York-based security company, Night Lion Security.
And when WIRED asked him to find records for a list of 10 specific people in the database, he very quickly found six of them.
While it's far from clear if any criminal or malicious hackers have accessed the database, Troia says it would have been easy enough for them to find. Troia himself spotted the database while using the search tool Shodan, which allows researchers to scan for all manner of internet-connected devices.He says he'd been curious about the security of ElasticSearch, a popular type of database that's designed to be easily queried over the internet using just the command line.
"If you have a profile on someone, that person should be able to see their profile and limit its use," Rotenberg says.
We use cookies and analyse traffic to this site. By continuing to use this site, closing this banner, or clicking "I Agree", you agree to the use of cookies. Read our privacy poplicy for more information.