Sign Up | Log In
REAL WORLD EVENT DISCUSSIONS
Massive Data Leak Could Affect 300 Million Americans
Friday, June 29, 2018 2:04 AM
SIGNYM
I believe in solving problems, not sharing them.
Quote:Earlier this month, the renowned security researcher Vinny Troia announced that he discovered an unsecured database containing around 340 million individual records. According to Troia, the database included profiles of a few hundred million Americans belonging to Exactis, a Florida-based marketing and data-aggregation firm. Troia told Wired that the catch contains about two terabytes of data that includes personal information of almost every American adult, along with millions of businesses. While the database does not include credit-card numbers or Social Security information, it does include phone numbers, home addresses, email addresses and personal characteristics for every name, such as interests and personal habits, plus the number, age, and gender of the person’s children. Other types of information found: religion, whether a person smokes, kind of pet. Even though the millions of individual profiles did not include financial information, it was more than enough data to help scammers steal identities. “It seems like this is a database with pretty much every US citizen in it,” said Troia, who is the founder of his own New York-based cyber security company, Night Lion Security. Troia searched the database for about 40 or 50 names and “everybody he searched for came up. I searched for celebrities; I searched for people I know.” WIRED then asked him to search for ten people, which he only found six of them. “I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen,” he stated. Troia explained to Wired that he was able to access the database on the internet, and he warned that plenty of other people could have as well. Once the unsecured database was discovered, he contacted Exactis and the FBI about the vulnerability, and since, the database has disappeared from the public domain. If Troia’s numbers are remotely accurate, this leak could be one of the most significant data security breaches in several years, surpassing last year’s Equifax breach and the Facebook debacle with Cambridge Analytica.
Friday, June 29, 2018 3:47 AM
JEWELSTAITEFAN
Quote:Originally posted by SIGNYM: Quote:Earlier this month, the renowned security researcher Vinny Troia announced that he discovered an unsecured database containing around 340 million individual records. According to Troia, the database included profiles of a few hundred million Americans belonging to Exactis, a Florida-based marketing and data-aggregation firm. Troia told Wired that the catch contains about two terabytes of data that includes personal information of almost every American adult, along with millions of businesses. While the database does not include credit-card numbers or Social Security information, it does include phone numbers, home addresses, email addresses and personal characteristics for every name, such as interests and personal habits, plus the number, age, and gender of the person’s children. Other types of information found: religion, whether a person smokes, kind of pet. Even though the millions of individual profiles did not include financial information, it was more than enough data to help scammers steal identities. “It seems like this is a database with pretty much every US citizen in it,” said Troia, who is the founder of his own New York-based cyber security company, Night Lion Security. Troia searched the database for about 40 or 50 names and “everybody he searched for came up. I searched for celebrities; I searched for people I know.” WIRED then asked him to search for ten people, which he only found six of them. “I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen,” he stated. Troia explained to Wired that he was able to access the database on the internet, and he warned that plenty of other people could have as well. Once the unsecured database was discovered, he contacted Exactis and the FBI about the vulnerability, and since, the database has disappeared from the public domain. If Troia’s numbers are remotely accurate, this leak could be one of the most significant data security breaches in several years, surpassing last year’s Equifax breach and the Facebook debacle with Cambridge Analytica. MORE AT https://www.zerohedge.com/news/2018-06-28/massive-data-leak-could-affect-300-million-americans
Friday, June 29, 2018 8:00 AM
Quote:Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records You've probably never heard of the marketing and data aggregation firm Exactis. But it may well have heard of you. And now there's also a good chance that whatever information the company has about you, it recently leaked onto the public internet, available to any hacker who simply knew where to look. Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses. While the precise number of individuals included in the data isn't clear—and the leak doesn't seem to contain credit card information or Social Security numbers—it does go into minute detail for each individual listed, including phone numbers, home addresses, email addresses, and other highly personal characteristics for every name. The categories range from interests and habits to the number, age, and gender of the person's children. "It seems like this is a database with pretty much every US citizen in it," says Troia, who is the founder of his own New York-based security company, Night Lion Security. Troia notes that almost every person he's searched for in the database, he's found. And when WIRED asked him to find records for a list of 10 specific people in the database, he very quickly found six of them. "I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen," he says.
Friday, June 29, 2018 8:12 AM
6IXSTRINGJACK
Friday, June 29, 2018 3:48 PM
Quote:Originally posted by 6IXSTRINGJACK: I'd say that there should be laws barring companies from collecting this sort of data, but at this point I think it's moot. I don't do facebook. I don't have a smart phone... or even a cell phone. I check all of my credit and bank statements at least once a month and have always caught anyone trying to use anything fraudulently. I don't click on suspicious emails. Even if somebody had all of the above information about me listed above in that data breach, the chances that they'd ever be able to get a hold of me are about as good as the chances of my employer reaching me to call me in on one of my days off. Hope that text messaging is really worth it. ;) Do Right, Be Right. :)
Friday, June 29, 2018 3:55 PM
Quote:I'd say that there should be laws barring companies from collecting this sort of data, but at this point I think it's moot.
Friday, June 29, 2018 8:55 PM
Quote:Originally posted by JEWELSTAITEFAN: Quote:Originally posted by 6IXSTRINGJACK: I'd say that there should be laws barring companies from collecting this sort of data, but at this point I think it's moot. I don't do facebook. I don't have a smart phone... or even a cell phone. I check all of my credit and bank statements at least once a month and have always caught anyone trying to use anything fraudulently. I don't click on suspicious emails. Even if somebody had all of the above information about me listed above in that data breach, the chances that they'd ever be able to get a hold of me are about as good as the chances of my employer reaching me to call me in on one of my days off. Hope that text messaging is really worth it. ;) Do Right, Be Right. :)Hahahahahahahaha. Troll. There are laws barring collection or assimilation of gun ownership data, but that never stopped Hilliary. Those were Federal Laws. So if they already transferred the Title of your House, you don't care until you get evicted tomorrow?
Saturday, June 30, 2018 2:49 AM
Quote:California passes digital privacy bill that could have impact across U.S. The bill requires companies like Google, Facebook and Amazon to tell users what data they collect and who they share it with. SAN FRANCISCO — California enacted the nation’s strongest data privacy law on Thursday that could presage national changes to how big tech companies, including Facebook, Google and Amazon, collect and use personal data. The law, passed by the state legislature on Tuesday and signed by Gov. Jerry Brown, requires companies to disclose the types of data they collect about consumers and with whom they share that information. Companies will be forced to let consumers opt-out of having their data sold. The law will also prohibit companies from charging a consumer or treating them differently because they opted out of having their data sold. Companies will also be required to secure customer data or risk being fined by California’s attorney general, according to the legislation. The protections won’t take effect until 2020, meaning the fight between lawmakers, advocates and tech companies to further shape the regulations, or water them down, is still far from over. Still, California’s new privacy protections have been heralded as the strongest consumer privacy measure in decades and are part of a growing movement to give people more control over their data. While the spirit of the law is similar to Europe’s General Data Protection Regulation, which went into effect last month, it doesn’t go as far as GDPR, which is now considered the strongest data privacy law in the world. In response to GDPR, which took effect last month, many large tech companies, even those based in the U.S., revamped their privacy policies and created tools to give users more control over the types of data that is collected. James Steyer, founder and CEO of nonprofit tech watchdog Common Sense, said the passage of the bill is a “huge victory” but isn’t perfect. “I would like to see even more aspects of privacy opt-in versus opt-out, but this is a huge improvement,” Steyer said. The vote wasn’t without a bit of last-minute drama. Lawmakers had until Thursday afternoon to pass the bill, entitled the California Consumer Privacy Act of 2018. If they did, Alastair Mactaggart, a wealthy real estate developer, said he would pull an even tougher measure that had secured a spot on the state’s November ballot. Mactaggart’s Californians for Consumer Privacy bill would give consumers even more power over their data, such as the ability to sue companies that may have mishandled their privacy and security. The Internet Association, the lobbying force representing many large technology companies, had expressed its disapproval for the ballot measure. Sheryl Sandberg, Facebook’s chief operating officer, told reporters at an event held at Facebook headquarters on Thursday morning that the social network supported the legislative action. Once signed, the bill will provide California residents with the strongest consumer privacy protections in the United States. It is also expected to have wide-ranging implications for everyone in the United States. The California legislation is a beacon to privacy rights activists who have said they believe the next steps could be instituting stronger privacy protections at the federal level. Regardless of whether Congress acts, Steyer said California’s law will have a ripple effect and be a positive for all Americans. “California’s law will become the law of the land,” he said. “Waiting for Congress and this current executive breach to be functional is like a joke."
Saturday, June 30, 2018 8:18 AM
Saturday, June 30, 2018 12:34 PM
Quote:Originally posted by 6IXSTRINGJACK: Quote:Originally posted by JEWELSTAITEFAN: Quote:Originally posted by 6IXSTRINGJACK: I'd say that there should be laws barring companies from collecting this sort of data, but at this point I think it's moot. I don't do facebook. I don't have a smart phone... or even a cell phone. I check all of my credit and bank statements at least once a month and have always caught anyone trying to use anything fraudulently. I don't click on suspicious emails. Even if somebody had all of the above information about me listed above in that data breach, the chances that they'd ever be able to get a hold of me are about as good as the chances of my employer reaching me to call me in on one of my days off. Hope that text messaging is really worth it. ;) Do Right, Be Right. :)Hahahahahahahaha. Troll. There are laws barring collection or assimilation of gun ownership data, but that never stopped Hilliary. Those were Federal Laws. So if they already transferred the Title of your House, you don't care until you get evicted tomorrow? Is this a parody reply? Do Right, Be Right. :)
YOUR OPTIONS
NEW POSTS TODAY
OTHER TOPICS
FFF.NET SOCIAL