Hacking Alert Cloud Data Leak Exposes Information on 123 Million Americans

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Slyguy

Level 28
Jan 27, 2017
1,766
7,090
Operating System
Other OS
#1
Time and again over the course of 2017, security researchers have discovered personally identifiable information sitting on publicly accessible Amazon S3 cloud storage instances.

The latest company to misconfigure cloud data storage is data analytics firm Alteryx, which exposed information on 123 million American households in a data leak reported by security firm UpGuard on Dec. 19.

"Exposed within the repository are massive data sets belonging to Alteryx partner Experian, the consumer credit reporting agency, as well as the US Census Bureau, providing data sets from both Experian and the 2010 US Census," Dan O'Sullivan, cyber resilience analyst at UpGuard, wrote in a blog post. "While the Census data consists entirely of publicly accessible statistics and information, Experian’s ConsumerView marketing database, a product sold to other enterprises, contains a mix of public details and more sensitive data."


The misconfigured Amazon S3 storage instance was discovered by UpGuard Director of Cyber Risk Research Chris Vickery, who reported the issue to Alteryx so that it could be fixed.
AWS again..

Cloud Data Leak Exposes Information on 123 Million Americans
 
Last edited by a moderator:

Solarquest

Moderator
Staff member
AV-Tester
Jul 22, 2014
1,925
15,555
#2
Unsecured Amazon S3 Bucket Exposes Details on 123 Million American Households

...
...
The Experian data was stored in a file named "ConsumerView_10_2013.yxdb and contained what UpGuard researchers described as the "personally identifying details and data points about virtually every American household."

More precisely, the database contained over 3.5 billion details for over 123 million American households.

The data included both personally identifiable information such as addresses, home details, contact information, or homeowner ethnicity, but also financial details such as mortgage status, financial histories, and purchase behavior.

Considering the data belonged to Experian, you can expect any piece of personal and financial details used in credit reporting to be cataloged in the database.

Data didn't include names, but it doesn't matter
...
...
 
Nov 15, 2016
580
9,362
Operating System
Windows 10
Installed Antivirus
Default-Deny
#3
The Experian data was stored in a file named "ConsumerView_10_2013.yxdb and contained what UpGuard researchers described as the "personally identifying details and data points about virtually every American household."

More precisely, the database contained over 3.5 billion details for over 123 million American households.
I love it. Just awesome to know that much data was leaked out. Whats even better is it happened right before the holiday. Good job people. You guys that use Amazon servers really know how to keep them secure. :mad:

The misconfigured Amazon S3 storage instance was discovered by UpGuard Director of Cyber Risk Research Chris Vickery, who reported the issue to Alteryx so that it could be fixed.
Whats the point, damage has already been done. Might as well just leave it go.