Massive Data Breach Raises Questions About Data Brokers' Security Practices and Responsibility

A dataset of 170 million sensitive data which included names, addresses, phone numbers, emails, skills, education history and employment history of individuals roaming freely on the internet. After tracing who leaked the data, it was found that it was leaked by a San Francisco based data broker, People Data Labs (PBL). The website of PBL has data of 1.5 billion individuals which is used for recruiting, sales, marketing and data enrichment purposes.

The data was leaked because of an Elasticsearch server which was left unprotected, and was not directly linked to the company. It is being said that a third-part is probably responsible for this data leak. Even though the third-party hasn’t been identified yet, it is very important to have a password on Elasticsearch server or else your data can easily be obtained by threat actors. These threat actors can easily expose your data in seconds which can end up in identity theft and fraud.

Cybernews research team says that data brokers are always in controversy because they do not check and control the data completely and it often ends up in the hands of wrong parties. The threat actors can use your data for many large attacks. PDL was also responsible for leaking data in 2019, and it was also done by an unprotected Elasticsearch server and PDL refused to take responsibility.

The current data leak was marked as Version 26.2, suggesting that it can be related to the previous data leak. Even if PDL is not responsible for the leak, these kinds of leaks taint the reputation of data brokers and clients cannot trust them anymore. As PDL experienced a data leak in 2019 previously, it shows how ignorant they are being with people’s data and are not thinking about personal data security.

If you think that you have been potentially affected by a data leak, make sure to stay cautious of phishing attacks and scams. Use some data removal services to protect against future data leak, use strong passwords and enable two factor authentication. Always monitor your accounts to check any suspicious activities.


Image: DIW-Aigen

Read next:

• Apple’s Revenue For 2024 Could Reach Record High Thanks to iPhone 16 Sales

• Can AI Be A Better Boss Than Humans? This New Survey Has The Answer

• How Many Hours Do People Work Around the World?

Previous Post Next Post