Skip to main content

Open Database Exposes Info Of 340 Million People

By July 16, 2018June 3rd, 2022Cybersecurity

Internet security researcher Vinny Trola recently made a huge and disturbing discovery.  A marketing firm called Exactis had left a massive database unsecured, allowing anyone who stumbled across it to access it.

As a marketing firm, Exactis collects simply mind-boggling amounts of data on consumers all over the globe.

The database in question was a staggering two terabytes in size, and contained more than 150 data fields. Social security numbers were not included in the exposed data.

A variety of personal identification was available, including:

  • Name
  • Political affiliation
  • Bank account details (including balances)
  • Information on other financial accounts, including stock holdings
  • Political affiliation
  • Donations to political causes
  • The number of children living in the person’s home
  • The ages of those children

In short, it’s more than enough personally identifiable information to make it a casual exercise for a determined hacker to link it back to a person’s social security number.  Even if they didn’t want to jump through the hoops to do that, there’s still enough information in the massive data file that it could open the door to all manners of phishing and other scams.

Trola informed Exactis about the exposed database, and the company immediately took steps to secure it. However, it was sitting there completely unguarded and unsecured for more than two months, and there’s no telling how many people may have accessed the data inappropriately.

Exactis has no formal relationship with any of the people they collect data on,  so they’re under no obligation to and are unlikely to inform the people in the database that their personal information was exposed. Given that, your best bet is to assume that you were mentioned in the database, and be on the alert for phishing and other scams in the months ahead.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.