Researchers have noticed that detailed personal information of more than 200 million Americans was exposed in a data breach. This is the latest in a long list of data security incidents over recent months and years.
Data privacy has become a serious concern following the many high-profile data harvesting and leaks that have collectively exposed how vulnerable data security is. The recent confirmation that a Verily coronavirus screening website requires users to open a Google account highlights how far the requirement for data stretches. Many of the recent incidents have involved smartphone data with leaks happening due to apps and social media platforms, including Facebook. The problem has become so severe that even tools that are supposed to protect privacy rather than compromise it (like VPNs and ad-blockers) have also leaked or shared data.
Click the button below to start this article in quick view.
According to Cybernews, this new data breach is different from the other cases due to the fact that researchers have no idea where the data originally came from. Researchers found around 800 gigabytes of detailed information on more than 200 million users in a publicly accessible database. Although you can still access the database, all the data was wiped by someone on March 3. Nevertheless, the information was out there and vulnerable, if found by those looking for a data treasure chest like this.
What Data Did The Database Contain?
According to the report, the database was substantial, and included personal information, such as full names, titles, date of births, email addresses, and phone numbers. This is in addition to financial information, including real estate addresses, credit ratings, tax and mortgage records. Furthermore, there was also other personal information on show, such as political, charitable and religious donations. Overall, this is a comprehensive list and one that the researchers suspect came from a government database with the most likely candidate being the U.S. Census Bureau – folders and codes used have been suggested as specific to the Bureau. Separate to personal information, there were two additional folders noted in the database, reported to be containing emergency call logs of a U.S. fire department, and a list of 74 bike share stations owned by Lyft.
Stored in a US-based Google Cloud server, and available for an unknown period of time, the database could have been accessed by anyone with the knowledge of its existence. In the wrong hands, such a detailed collection of information could prove to be a major problem for those affected. The information could cause serious financial damage if used to commit fraud, and could be prone to further attacks, such as scam emails. For example, last week it was reported how hackers were targeting people using fake coronavirus emails containing malware.
Source: Cybernews
