Records of 114 Million US Citizen and Companies Exposed Online

(Howard) #1

Another day another unsecured bucket full of excellent data potentially became available to crooks looking for treasure chests of social engineering jewels. This bucket was discovered like many others on Shodan by an Estonian security researcher. We don’t know if it has been compromised but I guess we will find out soon. Excellent ammo for spear phishing.
As Bleeping Computer says, “All the good stuff for a proper scam”

"One of the instances contained personal information of 56,934,021 US citizens, including sensitive details like full name, employer, job title, email and street address, ZIP code, phone number, and an IP address.

"Another index of the same database contained more than 25 million records with more of a “Yellow Pages” details directory: name, company details, zip address, carrier route, latitude/longitude, census tract, phone number, web address, email, employees count, revenue numbers, NAICS codes, SIC codes, and etc," the company informs in a blog post. Amazon finally tightened up their security hole on AWS. I’m sure Google will follow.

(Howard) #2