CyberNews security analysts have discovered an unprotected database online that contains more than 800 GB of personal information, including detailed records of over 200 million US users.
The records stored in the unsecured database contain the full names and titles of the exposed persons, email addresses, telephone numbers, dates of birth, credit ratings, private addresses, demographic data including the number of children and their genders, detailed mortgage and tax data and other personal data identifiable information.
Based on the analysis of the database, CyberNews assumes that much of the data it contains may come from the US Census Bureau. This is because certain codes used in the database were specific to the agency or are used in the agency’s classifications.
The database in question is located in the United States and was hosted on a Google Cloud server that was available for an unknown period of time. In early March, all records in the database were deleted by an unknown party. However, the empty database is still online and can be accessed without any authentication.
CyberNews also discovered two other folders that are not related to the personal records in the main folder of the database. These folders contain U.S. fire department emergency call lists and a list of 74 bike rental stations that are now owned by Lyft.
Although the two smaller folders contain no personal information, the fire department’s call logs in 2010 contain dates, times, locations, and other metadata about emergency calls. These two seemingly unrelated records can indicate that the database was a collection of stolen data or was used by multiple parties at the same time.
However, security analysts suspect that the database belongs to a data marketing company or a credit card company based on how the data is structured in the root directory.
Even though the database has since been deleted, its content may have been downloaded by a malicious actor, and CyberNews explained how it could affect those whose data have been disclosed:
“If the data were stolen by a malicious actor, the impact on more than 200 million users in the United States could be immense. Selling these records on Darknet marketplaces alone at a below-average price of $ 1 per record would bring the seller around $ 200 million. However, if this data leak is fully exploited by cybercriminals, it can cause countless millions of dollars of damage to defrauded users. “
Hope You Like “Major data breach reveals database of 200 million users” From BollyInside. Stay Tuned For More Updates And Lets Us Know Your Feedback In Comment Section.