Giant Data Leak Exposes Data on 123 Million U.S. Households

This is yet another data breach that would be much less likely to happen if the NSA would primarily do its actual job and protect Americans instead of spying on them and other relatively innocent foreign citizens. Up to 90 percent of the NSA’s budget is dedicated to offense and spying when it should be dedicated to securing vital technological infrastructure and defending the public instead. Unfortunately though, the NSA today is largely an example of the government — compromised through excessive corporate control — treating its own domestic population as the enemy, and that sort of example happens far too frequently in the modern world.

Researchers revealed Tuesday that earlier this year they discovered a massive database — containing information on more than 123 million American households — that was sitting unsecured on the internet.

The cloud-based data repository from marketing analytics company Alteryx exposed a wide range of personal details about virtually every American household, according to researchers at cybersecurity company UpGuard. The leak put consumers at risk for a range of nefarious activities, from spamming to identity theft, the researchers warned.

Though no names were exposed, the data set included 248 different data fields covering a wide variety of specific personal information, including address, age, gender, education, occupation and marital status. Other fields included mortgage and financial information, phone numbers and the number of children in the household.

“From home addresses and contact information, to mortgage ownership and financial histories, to very specific analysis of purchasing behavior, the exposed data constitutes a remarkably invasive glimpse into the lives of American consumers,” UpGuard researchers Chris Vickery and Dan O’Sullivan wrote in their analysis.

A cascade of recent database breaches has left consumers on edge about the security of their personal information. After credit monitoring company Equifax revealed in September that cybercriminals had made off with data on more than 145 million Americans, US lawmakers began efforts to hold such businesses accountable to the everyday people whose data they collect for profit.

[…]

“The data exposed in this bucket would be invaluable for unscrupulous marketers, spammers and identity thieves, for whom this data would be largely reliable and, more importantly, varied,” the researchers said. “With a large database of potential victims to survey — with such details as ‘mortgage ownership’ revealed, a common security verification question — the price could be far higher than merely bad publicity.”