UpGuard Cyber Risk Team on Wednesday revealed that they discovered sensitive data of 123 million US households exposed publicly
UpGuard Cyber Risk Team on Wednesday revealed that they discovered sensitive data of 123 million US households exposed publicly.Researchers said that data was exposed due to the misconfiguration of Amazon s3 bucket and data belongs to a California based company named Alteryx.
Read more on: New ATM Malware PRILEX Targets Banks in BRAZILThe exposed bucket contains data from Alteryx partnering company Experian, a consumer credit reporting agency and US Census Bureau.Chris Vickery, Director of Cyber Risk Research UpGuard, said that he discovered Amazon Web Services S3 cloud storage bucket located at the subdomain “alteryxdownload” containing sensitive consumer information. The permission settings of the bucket were configured to allow AWS “Authenticated Users” to view and download the data.The leaked data contains personal information like addresses, marital status, gender, age, occupation, contact information and financial information like mortgage ownership, financial histories, etc. Researchers said that overall the leaked data contained 3.5 billion information of 123 million US households.“While each of the tens of millions of rows represents a different US household, the 248 columns cross-indexed compiles each household’s known or modeled personal details, preferences, and behavior across a wide array of categories. With a total of over 3.5 billion fields to be filled with such data points, the index’s incredibly detailed level of insight is, ultimately, precisely what Experian claims to offer with its ConsumerView product, as described in a 2016 marketing brochure” said in the post published by UpGuard.
Read more on: New Android Malware AnubiSpy Targets Middle East UsersAlteryx responded to Forbes in an Email statement that “Alteryx secured the bucket, removed the file and has taken steps to prevent this from happening in the future. Alteryx confirmed that the file contained no names of any individuals or any other personal identifying information”.In November UpGuard cyber risk team discovered a massive amount of data belongs to US military publicly exposed due to AWS S3 bucket misconfiguration.
Read more on: Triton Malware Targets Industrial Safety Systems in Middle East