A new data breach may have exposed personal information of almost every American adult

“It seems like this is a database with pretty much every U.S. citizen in it,” security researcher Vinny Troia, who discovered the breach earlier this month, told Wired. “I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen,”

A new data breach may have exposed personal information of almost every American adult

Here, we go again. Imagine there's going to be quite the fall out from this.

Wired reported Wednesday that Exactis, a Palm Coast, Fla.-based marketing and data-aggregation company, had exposed a database containing almost 2 terabytes of data, containing nearly 340 million individual records, on a public server. That included records of 230 million consumers and 110 million businesses.

At least this supposedly didn't contain credit information or social security numbers. Well, that's what the say at least.

While the database apparently does not include credit-card numbers or Social Security numbers, it does include phone numbers, email and postal addresses as well as more than 400 personal characteristics, such as whether a person is a smoker, if they own a dog or cat, their religion and a multitude of personal interests. Even though no financial information was included, the breadth of personal data could make it possible to profile individuals or help scammers steal identities.

Exactis said it maintained 3.5 billion consumer, business and digital records, including “demographic, geographic, firmographic, lifestyle, interests, CPG, automotive, and behavioral data.” The company said it has data on 218 million individuals and 110 million U.S. households.

There are about 325 million residents in the U.S., with about 244 million adults and 126 million households, according to the U.S. Census Bureau. Exactis did not immediately respond when asked to confirm the breach. If confirmed, the data leak would be one of the largest in history, and far bigger than the Equifax data breach last year that exposed the personal information of about 148 million consumers.

Don't ya just love how these companies get away with stealing our info and pretty much just spying on us 24/7?

Makes me sick!

originally posted by: slapjacks

Wired reported Wednesday that Exactis, a Palm Coast, Fla.-based marketing and data-aggregation company, had exposed a database containing almost 2 terabytes of data, containing nearly 340 million individual records, on a public server. That included records of 230 million consumers and 110 million businesses.

Can 2 T even hold that much info? I have 2 Terabytes drives

a reply to: slapjacks

Even if that database did not contain social security data or banking data, there is SO much that an identity thief could do with that information.

Who will be held responsible for this breach?

it's by design, they will just keep mishandling data until everyone is fully compromised and all the old personal identifiers no longer work. then they will have a nice bio-metric chip that's unbreachable for everyone to have implanted.

originally posted by: TrueBrit
a reply to: slapjacks

Even if that database did not contain social security data or banking data, there is SO much that an identity thief could do with that information.

Who will be held responsible for this breach?

Going from instances in the past... Probably no one.

a reply to: slapjacks

This is why I'm getting sick and tired of every company out there gathering as much information on us as they possibly can, even if it's just for "marketing research". Even in the video game world there was a stink recently about game companies using Red Shell to see if their marketing is working or not, and what they can do to improve it. Thankfully there was enough of a backlash that almost all the developers removed it from their games.

a reply to: slapjacks

I agree, but if that is going to be the way it is, law needs passing which requires someone either go to jail, or pay a business destroying fine in the event of a breach like this.

Good examples for why such monstrosities should be banned.

Too bad people who check into the news, from here to Saigon and back again, only seem to care about bashing / protecting Trump & Hillary.

originally posted by: smkymcnugget420
it's by design, they will just keep mishandling data until everyone is fully compromised and all the old personal identifiers no longer work. then they will have a nice bio-metric chip that's unbreachable for everyone to have implanted.

Your biometric data has to be stored in a secondary, tertiary, etc location for comparison, in a database lol. So that's hackable. If the biometrics ae stored in an RFID in your hand, that's hack off able. If no data is stored locally on or in the person, eyes, fingers, blood and hands are removable. With microchipping, watch how the violent crime rates go through the roof. High tech criminals will not stop at databases and if the money is lucrative enough, they will hire outside contractors who are not so squeamish for the wet work.

Cheers - Dave

it does include phone numbers, email and postal addresses as well as more than 400 personal characteristics, such as whether a person is a smoker, if they own a dog or cat, their religion and a multitude of personal interests

So what. I don't answer my landline anymore unless it's a number I recognize. I know, even that can be spoofed but that doesn't happen much. When I pick up the mail from the box at the end of my driveway, I pass the garbage can on the way back into the house. Almost all of it goes in the bin. Companies can use their time and money but I can just as well ignore them. This reminds me though, I need to keep putting bogus details in any survey I answer.

a reply to: TrueBrit


I agree. It's about time big internet businesses pays big time for data breaches. These internet companies are collecting, using, and selling peoples data and earn a fortune for it, with very little consequence for these breeches.

a reply to: TrueBrit

Who will be held responsible for this breach?

Oh, there will be class action lawsuits. All they will require is your name, DOB, SSN, phone number, email address, physical address, mothers maiden name and past residences.

Then the lawyers will give you .10% of your individual share!

a reply to: mysterioustranger

Yes. That's an average of over 6k per record.

originally posted by: TrueBrit
a reply to: slapjacks
Who will be held responsible for this breach?

No one.

originally posted by: IgnoranceIsntBlisss
Good examples for why such monstrosities should be banned.

Too bad people who check into the news, from here to Saigon and back again, only seem to care about bashing / protecting Trump & Hillary.

this is a lot like gas prices. You can be angry, you can shake your fist, you can even yell at the gas pump or the teenager behind the register, but none of that will effect any change. Show me the bad man here, and we can all give him the Maxine Waters treatment.

Why is this on a public server?

Thus is something that I believe actually needs regulation.

The problem is that often its cheaper for these companies to risk a Data breach than it is to update infrastructure and pay full time network and security engineers.

A CCIE in the industry can cost up to 300k or more with incentives plus the support and thats just a network tech you need security policy among other things and it all cost big money

a reply to: theantediluvian

Great. Makes sense. Thanks.... MS

I've received 3 emails this week from companies telling me i once applied for a job and that the company they use to manage applications was hacked and my information compromised.

3 companies... all told me the same thing!

unreal..

funny story: I came home the other day and put my bin out.. my bin was DAMN heavy.. i opened it and found a satchel bag.. inside the bag were 1000's and 1000's of unopened letters/mail.. some were from banks, drivers licence renewals, bills, advertising.. there were random addresses.. there were small batches all addressed to the same addresses..

it was really sus so i took it to the police station.. they practically laughed at me and asked what i expected them to do..
i simple said it was an identify thieves paradise and this could be a mailman hoarding mail..

he took and said... '' well do you want it back after we're done ''

....

originally posted by: toysforadults
Why is this on a public server?

If I had to guess, it's because the IT guy who was responsible doesn't give a snip about his work.
I can't blame him, he was likely being overworked and underpaid by these crooks- just like the rest of us.


Thing is, nobody will be punished. The company that 'lost' the data is only mad because they cant sell that data anymore, it's already free.