1.2 Billion Records Found Exposed Online in a Single Server

Found on Wired on Friday, 22 November 2019

While the collection is impressive for its sheer volume, the data doesn't include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scraped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses.

“The owner of this server likely used one of our enrichment products, along with a number of other data-enrichment or licensing services," says Sean Thorne, cofounder of People Data Labs. "Once a customer receives data from us, or any other data providers, the data is on their servers and the security is their responsibility. We perform free security audits, consultations, and workshops with the majority of our customers."

"Security is their responsibility" is such a convenient excuse when you actively sell the data of people which never have knowingly agreed to. The business idea of People Data Labs and Oxydata is already shady at best.

Browse all articles« Previous « » Next »