Technology 2 min read

Marketing Firm Data Leak Leaves 300 Million Americans' Information Exposed

TheDigitalArtist |

TheDigitalArtist |

The records of hundreds of millions of Americans have been exposed online due to a data breach in a Florida-based marketing company.

On Wednesday, renowned security researcher and keynote speaker Vinny Troia revealed that he discovered a database containing around 340 million personal records of people available online. According to Troia, the database is owned by the marketing firm Exactis based in Florida.

Exactis is a firm whose specialization involves helping businesses reach potential clients through phone numbers and email or postal addresses. For some unknown reason, the confidential records appear to have been left available online, making it accessible to basically everyone on the Internet.

Troia, who’s also the founder of the New York-based security company Night Lion Security, said that he has already reported his discovery to the FBI and Exactis earlier this week. Exactis has since then protected the data, making it unclear now just how long it has sat exposed online.

In an interview with Wired, Troia mentioned that the compromised records are from nearly every United States citizen. Approximately, about 230 million records are of U.S. adults while the remaining 110 million are of U.S. business contacts.

Aside from phone numbers and addresses, the database also holds the records about 400 characteristics exhibited by a person like vices, religion, pet ownership, gender, number of kids, age, and many others.

“I looked up a bunch of my friends and the data was all pretty accurate,” Troia added“This is more information that other people can use to create scams or do fraudulent activities.”

No financial information or Social Security numbers were reportedly exposed. However, cybercriminals could still use the information and crosscheck it with previous data breaches to create a complete profile of anyone or use them to execute targeted attacks.

Exactis has not issued any statement regarding the matter, and it is still unclear whether hackers found the information. The latter, according to Troia, is not really impossible since the marketing firm was indexed online.

“The server was kind of wide open. If anybody was looking for it, they could’ve found it and grabbed the data,” he said.

Do you agree that companies who keep the personal information of millions of individuals should be heavily sanctioned in case of massive data breaches like this?

First AI Web Content Optimization Platform Just for Writers

Found this article interesting?

Let Chelle Fuertes know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.

Profile Image

Chelle Fuertes

Chelle is the Product Management Lead at INK. She's an experienced SEO professional as well as UX researcher and designer. She enjoys traveling and spending time anywhere near the sea with her family and friends.

Comments (0)
Most Recent most recent
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.