Unprotected database leaves 80 million U.S. families vulnerable | News Coverage from USA

Unprotected database leaves 80 million U.S. families vulnerable

It is scary enough that a team of Israeli security researchers discovered a massive unprotected database with the full names, ages, income brackets and marital status on more than 80 million U.S. households.

It may be just as scary that the researchers can’t identify the owner of this database, which is hosted by a Microsoft cloud server and includes a cache of 24GB of data, a potential goldmine for cyber-criminals.

The researchers were led by Noam Rotem and Ran Locar, who teamed up with vpnMentor, a site that focuses on virtual private networks and web privacy. 

“I wouldn’t like my data to be exposed like this,” Rotem said in an interview with CNET, the first mainstream outlet to go public with the news. “It should not be there.”

Kidney drone delivery: A kidney for transplant was delivered by drone for the first time ever

Payless bankruptcy: As Payless wades through bankruptcy again, creditors say hedge fund may be to blame

The team verified the accuracy of some of data but made an ethical decision to not download the data to help protect the privacy of the individuals who may be affected.

Who owns the database?

vpnMentor is asking anyone who might be able to help them identify the owner of the database to contact them at info@vpnmentor.com. 

The site suspects that the database is owned by an insurance, healthcare, or mortgage company, although it says that information you’d expect to find in a database owned by brokers or banks is missing. For example, vpnMentor points out that there are no policy or account numbers, Social Security numbers, or payment types among the data.

While this is hardly the first time large scale data has been exposed – think Equifax, Facebook and numerous others – vpnMentor believes this is the first time a breach of this size has included peoples’ names, addresses, and income.

The potential risk may take many forms. One is a phishing attack in which a hacker can embed dangerous links inside emails that look like they come from legitimate financial institutions or other companies, leading in some cases to ransomware, where you’d have a pay a fee to reclaim your computer.

And just knowing your age and income level means an attacker can identify who among the 80 million families are the most vulnerable.

Email: ebaig@usatoday.com; Follow @edbaig on Twitter

 

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *