A newly reported data leak from a marketing firm could affect hundreds of millions of Americans according to security researchers.
Exactis, a Florid-based marketing and data-aggregation firm has allegedly leaked detailed information on American adults and businesses according to security researchers. Currently, the exact number of those affected is unknown but the data leak involved approximately 340 million records that were left accessible via a public server. Wired first reported that the data could include individuals phone numbers, home addresses, email addresses, personal characteristics, interests and habits, and the number, age, and gender of the person’s children. Also included amongst the data was individual’s religion, whether a person smokes, types of pets, and much more.
The Exactis website claims that the firm has the data of 218 million individuals, this includes 110 million U.S. households and 3.5 billion “consumer, business and digital records.” The security researcher that discovered the leak and reported it to Exactis, Vinny Troia, said in an interview that he searched through the database of the server with approximately 40 or 50 names and “everybody I searched for came up. I searched celebrities, I searched people I know.”
Troia, the founder of Night Lion Security, further stated: “It seems like this is a database with pretty much every U.S. citizen in it. I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen.” Troia continued: “When I looked myself up, I found the name of my mortgage lender, the value class of my home and whether or not I had certain kind of credit card.”
Troia has also reported his findings to the FBI. If the numbers on Exactis’ website are correct, this could potentially be one of the largest data security breaches in some time, beating the Equifax breach of last year and the recent Cambridge Analytica scandal which saw the private info of 87 million Facebook users allegedly left vulnerable.