Up to 80 million US households had their personal information exposed by an unprotected database
What Happened?
On Monday, a pair of security researchers shared their discovery of an unprotected online database containing the personal information of up to 80 million US households.
The personal information found in the huge database, discovered on a cloud server, includes combinations of:
Physical address (city, state, zip)
First and last names of individuals in the household
Age and dates of birth
Longitude and latitude of the household
Additionally, the database was found to include coded results for: title, gender, marital status, income, homeowner status, dwelling type. Social Security number and payment information was not found in the database.
What Does this mean?
A data exposure or data leak is different from a data breach. In a breach, unauthorized access to sensitive information is intentional. In a data exposure like this one, the sensitive information is left out in the open, often because the server was not set up with the proper security.
The security researchers believe the database may belong to an insurance, healthcare, or mortgage company, in part because the data appears to be limited to people over the age of 40. The database has been up and potentially leaking information since February. The cloud storage provider notified the data owner who is responsible for securing it and has taken steps to limit unauthorized access.
this is horrible, what a huge leak.
Someone out there could combine this set with others available and know everything about a large subset of the nation.
That’s why I go to a new provider, every time the existing provider tells me it’s time to change passwords.
So I can keep my current password with my new provider. It’s “123456” for some time now.
But only after a previous provider warned me there was already a subscriber with the password “welcome”.
.
Fairy tales? Not really. This happens almost every day.
Though: a (ordered by gov’t regulator) switch to another provider forced me to change my mail address.
Most Chinese sellers demand that you open up a new account with them if that happens.
One did not agree that the password I entered upon registration, was the same as in my expiring account.
.
Today almost everything you enter by keyboard (and not by mouse click) may be considered to be a hack.
In the “good old days” you could almost literally fall into the cookie jar if you went for the directory “Bin”
Actually got a spam/scam call last week on the cell, didn’t answer as not local area code, and they left a message……………In Chinese
Being that Gearbest has that number (needed it for DHL contact on Express package, legit reason as DHL did need to contact) and the fact that GB got hacked recently it seems probable that GB hack is the source.
Number was spoofed from New York.
Fun times we live in Kids!
