Abstract
- Large Knowledge Leak: Propertyrec uncovered over 644,000 information, totaling 713 GB of delicate knowledge.
- Delicate Data: Leaked knowledge consists of background checks, private particulars, and property experiences.
- No Safety Measures: The database lacked primary password safety, leaving it publicly accessible.
- Cyber Dangers: Uncovered knowledge will increase dangers of identification theft, fraud, and social engineering scams.
- Name for Higher Safety: Consultants stress the necessity for encryption, entry controls, and common audits.
A crucial knowledge safety lapse has left an enormous trove of non-public info susceptible, elevating issues about identification theft and focused assaults. The uncovered knowledge belongs to SL Knowledge Companies, LLC, which is doing enterprise as Propertyrec, which gives actual property and felony file search providers.
Safety researcher Jeremiah Fowler found a publicly accessible database containing over 644,000 recordsdata, totalling a whopping 713 GB of knowledge. Notably, this database lacked even primary password safety, leaving it extensive open for anybody to entry.
What Data Was Uncovered?
The uncovered database contained a goldmine of delicate private info, together with:
- Full names
- Cellphone numbers
- Residence addresses
- Electronic mail addresses
- Employment historical past
- Member of the family particulars
- Social media accounts
- Prison file historical past
- Property possession experiences
- Automobile information (license plate and VIN)
“Around 95% of the limited sample of documents I saw were labelled as “background checks” Fowler famous in his report shared with Hackead.com forward of its publishing.
This treasure trove of non-public knowledge paints a whole image of people’ lives, making them susceptible to a mess of threats. Moreover, this knowledge breach creates a breeding floor for malicious exercise as with a wealth of non-public info, cybercriminals can create extremely personalised phishing emails or social engineering scams. These scams might trick victims into revealing delicate info like passwords or monetary particulars.
That’s not all! possessing an individual’s full identify, tackle, and social safety quantity (if obtained elsewhere) offers criminals the instruments to impersonate that particular person and doubtlessly commit monetary fraud. And, criminals might use the uncovered info to impersonate a person and acquire entry to their accounts or private info from mates, household, or employers.
The incident displays the significance of adopting stronger safety measures for firms dealing with delicate knowledge. Fowler means that organizations ought to keep away from storing private info in file names, implement sturdy entry controls, and conduct common safety audits to determine and tackle safety vulnerabilities, even when recordsdata are encrypted.
This incident follows the Nationwide Public Knowledge knowledge breach incident from August 2024, which compromised tens of millions of people’ private info by hackers who accessed the corporate’s techniques and offered the stolen knowledge on the darkish internet for USD 3.5 million.
RELATED TOPICS
- Greatest Paid and Free OSINT Instruments for 2024
- Gas Trade Software program Supplier Exposes SSNs, PII Knowledge
- US and UK Army Social Community Exposes SSN, PII Knowledge
- AI Agency’s Server Uncovered 5.3 TB of Psychological Well being Information
- UK Prison Information Workplace Crippled by Ransomware Assault
- On the spot Checkmate, TruthFinder Hacked: 20M Accounts Leaked
- Mexico’s Largest ERP Supplier ClickBalance Leaks 769M Information
