CyberSecurity news
FlagThis
@databreaches.net
//
A massive data breach has exposed the sensitive personal information of over 600,000 individuals. The breach originated from SL Data Services, a data broker operating under the name Propertyrec, which markets itself as a provider of real estate information reports but also offers criminal checks and DMV records. A researcher discovered 644,869 unencrypted PDF files (713.1 GB) stored in a publicly accessible Amazon S3 bucket, containing background checks with full names, addresses, phone numbers, email addresses, employment history, family details, social media accounts, and criminal records, along with vehicle and property records. The lack of password protection and encryption made the data easily accessible to anyone.
The exposed data presents a significant risk of identity theft, fraud, and social engineering attacks. The easily searchable file names, formatted as "First_Middle_Last_State.PDF," further exacerbated the risk. While the researcher contacted SL Data Services' support team, they received no response or explanation regarding the incident, highlighting a serious lack of accountability and data security practices. The researcher ultimately had to take several steps to remove the exposed data from public view.
This data breach underscores the critical need for robust data security measures within the data broker industry. The ease with which this sensitive information was accessed highlights the vulnerability inherent in insufficiently protected databases. The lack of response from SL Data Services raises serious concerns about their commitment to data protection. This incident serves as a stark reminder of the potential consequences of inadequate security measures and the critical need for greater transparency and accountability from data brokers.
References :
The exposed data presents a significant risk of identity theft, fraud, and social engineering attacks. The easily searchable file names, formatted as "First_Middle_Last_State.PDF," further exacerbated the risk. While the researcher contacted SL Data Services' support team, they received no response or explanation regarding the incident, highlighting a serious lack of accountability and data security practices. The researcher ultimately had to take several steps to remove the exposed data from public view.
This data breach underscores the critical need for robust data security measures within the data broker industry. The ease with which this sensitive information was accessed highlights the vulnerability inherent in insufficiently protected databases. The lack of response from SL Data Services raises serious concerns about their commitment to data protection. This incident serves as a stark reminder of the potential consequences of inadequate security measures and the critical need for greater transparency and accountability from data brokers.
Share:
References :
- malware.news: Original report on the data breach by a data broker.
- Malwarebytes: Malwarebytes blog post about the data broker's breach.
- www.websiteplanet.com: WebsitePlanet article covering the data breach report.
- hackread.com: HackRead reports on the Propertyrec leak and the exposure of background check records.
- databreaches.net: Report on a large data leak from SL Data Services, containing sensitive personal information and impacting over 600,000 individuals.
- malware.news: News about a data leak affecting over 600,000 people, revealing background checks, vehicle, and property records from SL Data Services.
- www.cysecurity.news: Article about the exposure of over 600,000 records, including background checks, vehicle, and property records, due to a lack of protection on the database of SL Data Services.
- CyberInsider: Article discussing the data leak and its implications.