New data breach may have exposed personal information of almost every American adult

https://www.marketwatch.com/story/a-new-data-breach-may-have-exposed-personal-information-of-almost-every-american-adult-2018-06-27?mod=ampfoot_mostpop

June 28, 2018

A little-known Florida company may have exposed the personal data of nearly every American adult, according to a new report.


Exactis data leak reportedly contained detailed information on 230 million consumers


Wired reported Wednesday that Exactis, a Palm Coast, Fla.-based marketing and data-aggregation company, had exposed a database containing almost 2 terabytes of data, containing nearly 340 million individual records, on a public server.
That included records of 230 million consumers and 110 million businesses.

While the database apparently does not include credit-card numbers or Social Security numbers, it does include phone numbers, email and postal addresses as well as more than 400 personal characteristics, such as whether a person is a smoker, if they own a dog or cat, their religion and a multitude of personal interests.
Even though no financial information was included, the breadth of personal data could make it possible to profile individuals or help scammers steal identities.



Troia told Wired that he was easily able to access the database on the internet, and in theory, plenty of other people could have too. He said he warned Exactis and the FBI about the vulnerability, and the data is no longer publicly accessible.

On its website, Exactis said it maintained 3.5 billion consumer, business and digital records, including “demographic, geographic, firmographic, lifestyle, interests, CPG, automotive, and behavioral data.” The company said it has data on 218 million individuals and 110 million U.S. households.

There are about 325 million residents in the U.S., with about 244 million adults and 126 million households, according to the U.S. Census Bureau.

Exactis did not immediately respond when asked to confirm the breach.

While technically not a breach, Facebook Inc. FB, +0.06% said in March that most of its 2 billion users had their personal data “improperly shared” without their permission, including about 87 million profiles that were scraped by Cambridge Analytica.



Exactis 'conveniently' left the window open .

We've seen this 'convenient' data theft before.