Cloud Database Removed After Exposing Details on 80 Million US Households

The addresses and demographic details of more than 80 million US households were exposed on an unsecured database stored on the cloud, independent security researchers have found. From a report: The details listed included names, ages and genders as well as income levels and marital status. The researchers, led by Noam Rotem and Ran Locar, were unable to identify the owner of the database, which until Monday was online and required no password to access. Some of the information was coded, like gender, marital status and income level. Names, ages and addresses were not coded. The data didn't include payment information or Social Security numbers. The 80 million households affected make up well over half of the households in the US, according to Statista. "I wouldn't like my data to be exposed like this," Rotem said in an interview with CNET. "It should not be there." Rotem and his team verified the accuracy of some data in the cache but didn't download the data in order to minimize the invasion of privacy of those listed, he said.

Re:

[danbuter]

I'd like to see Pelosi's and Schumer's tax forms. I bet we'd see some interesting "donations".

Re: Drinking Game

[Anonymous Coward]

Alcohol poisoning is a very serious medical emergency.

Is there a point?

[fluffernutter]

Soon there won't be any point to corporate cybersecurity because all the information on everyone will be out there anyway.

Re:

[fluffernutter]

I've been asking how they are on the highway and no one has answered yet. All I know is the torque curve on an EV is highest at stop so that leads be to believe there is no passing power.

Re:

[fluffernutter]

I don't care about 0-100! I care about driving down the highway at 120, coming up to two cars driving 105 and the distance I need to pass them. I know in my Explorer 105-140 acceleration is very good. I consider this essential for highway driving.

Re:

[Colin Castro]

Where are you driving an explorer at 140mph?

Re:

[Colin Castro]

Especially since they are limited to about 120 and max speed is listed at 130ish.

Re:

[fluffernutter]

Kilometers per hour.

Re:

[110010001000]

I'm pretty sure that day has already arrived.

So who owned the database?

[rsborg]

It's really unclear a) who owned the database and b) since no one is identified as the one who compiled the data, who is trying to figure out where this data came from.

The article references Microsoft, but clearly they were just the iPaaS provider.

Finally, there's a big "VPN provider" pushing their services (fine by me, but still a promotion). What gives?

Re:

[mprindle]

Good, I was not the only one. I read the article twice but was unable to determine who owned it. I'm betting it's a big name company who ran it due to the number of records.

Re:So who owned the database?

[mysidia]

Ironically.... they compromised 80 million peoples' personal data, BUT the name of the company that did this will probably be kept secret for
"Privacy Reasons"

We need some changes to the law.

Re:

[chispito]

Ironically.... they compromised 80 million peoples' personal data, BUT the name of the company that did this will probably be kept secret for "Privacy Reasons"

We need some changes to the law.

On what do you base this?

All 50 US states require disclosure of such breaches. Even if you are concerned that some states are more lax than others, there is a redacted record for someone in California shown in the original source, and California is not soft on this kind of thing.

Re:

[Anonymous Coward]

The database had to belong to someone; Microsoft (whose cloud this was on) almost certainly has a credit card on file for the entity which put the data online.

Exposed Database

[BringsApples]

All of these exposed databases, just floating around the net. It's like ...FaceBook.

Maybe, just maybe...

[3seas]

it was on a russian based server...

Missing from Summary: Only Includes 40+

[chispito]

TFA and the source of the story [vpnmentor.com] both mention that this only appears to includes people ages forty and up. This seems to be the most interesting point in trying to figure out where the data originated.

Re:

[Anonymous Coward]

Sounds like AARP.

Re:

[ffkom]

So it is probably the list of those who are planned to be renewed in the first rite of the Carousel. Better look at your palm if your clock is ticking!

Didn't download?

[scdeimos]

Rotem and his team verified the accuracy of some data in the cache but didn't download the data in order to minimize the invasion of privacy of those listed, he said.

How exactly do you verify the accuracy of some data in the cache without actually downloading it?