A mysterious database exposed the personal information of nearly 80 million Americans, affecting 65% of American families. Security researchers Noam Rotem and Ran Locar discovered a 24 GB database hosted on a Microsoft cloud server. The database contains highly sensitive information about American families, including the full name of family members, marital status, income, age, and more.
This is not the first US home data breach. Two years ago, a large database of 123 million US household-sensitive personal information was leaked online by a California-based data analytics company. But the leaked data contains in-depth information such as name, address, and income, and if cybercriminals enter the database, the information is more valuable to them.
According to a report by VPNMentor, the database lists information in the form of a family, including home address, accurate latitude and longitude, full family member name, age, and date of birth. In addition to this, there are codes for gender, marital status, income, homeowner status and type of residence.
The leaked personal data is said to cause victims to be vulnerable to cyber attacks such as spam, phishing, and ransomware. According to VPNMentor, based on these data, the database may come from an insurance, medical or mortgage company, but there are no policies, account numbers, social security numbers or payment types in the database.
Microsoft stated that it has notified the owner of the database and has taken appropriate steps to help customers delete the data, but Microsoft declined to disclose the owner of the unprotected database.