In a shocking turn of events, the personal details of more than 33 million people have been exposed on the Internet. Those whose details were in the database leaked include government and corporate personnel from the US Postal Service, the Department of Defense, the Ohio State University, Wal-Mart and others.
The leaked database is the property of Dun & Bradstreet which is a well-known technology firm. The firm is in the business of licensing information to businesses to enable them to make informed decisions. In 2013 alone, they had at least 225 million records from businesses from around the globe.
The firm said that indeed it owned the database which was acquired from the acquisition of NevProspex back in 2015. The firm immediately did an inside investigation to find out where the hack came from. It was established that the hack did not come from a breach of its security but likely from one of its customers.
— KeelsUS (@KeelsUS) March 15, 2017
The leak was 52.2 gigabytes of data that contained a lot of information about corporate and government bodies. They included their names, email addresses, their phone numbers, their employees and other details.
Large numbers affected
The affected accounts included at least 88,000 from the US Postal Service, 100,000 from the Department of Defense, at least 6,000 from AT&T, at least 40,000 from CVS, at least 55,000 from Wal-Mart, at least 38,000 from the Ohio State University, at least 34,000 from the Wells Fargo Bank, at least 35,000 from the Citigroup, at least 33,000 from IBM, and at least 34,000 from the Kaiser Foundation Hospitals. Such large numbers point to a very serious breach that has put the personal details of many people at risk.
— RT America (@RT_America) March 15, 2017
The Major States Targeted
The database exposed focused on the major states of the United States. Among them was California which had about 4 million compromised accounts. New York came in second place with 2.7 million while Texas had a close 2.6 million accounts compromised. To many experts, the fact that such a large amount of data can be broken into and made public is a huge risk.
The owner of Have I Been Pwned, the breach notification site, stated that “Whilst you could piece together parts of the data from information already in the public domain, having it aggregated and so easily searchable in this fashion is enormously valuable. It also serves as a reminder that we’ve lost control of our privacy; the vast majority of people in the data set would have no idea their information is being sold in this fashion and they certainly don’t have control over it.”
— RT America (@RT_America) March 11, 2017
It is one of the biggest leaks in the history of technology and a big risk to the reputation of Dun & Bradstreet. As of now, the party that leaked the information has not yet been pinpointed making it hard to know what the firm will do next.