UPDATED 22:30 EDT / APRIL 29 2019

SECURITY

Mystery database with 80M US household data records found on Microsoft cloud server

Security researchers have uncovered an exposed database with details of 80 million U.S. households, but in a mysterious twist, they have no idea who it belongs to or where it came from.

Found by researchers from vpnMentor, the database was discovered exposed to all and sundry on a Microsoft Corp. Azure cloud instance. The data, which cover 65% of U.S. households, included full address, GPS details, age and date of birth information, marital status, income, homeowner status and dwelling type.

The researchers noted that they were attempting to track down the owner while noting that this is potentially one of the largest data breaches of its type in history. “We believe that it is the first time a breach of this size has included peoples’ names, addresses, and income,” the researchers said.

Given that the database includes all that information, the researchers rightly noted it is potentially a goldmine for identity thieves and other attackers.

“Unfortunately, this type of breach is no longer unusual, but it is unusual to not know who owns the exposed data,” Tim Erlin, vice president, product management and strategy at Tripwire Inc., told SiliconANGLE. “Until we understand who the owner is, we’re limited to generalizations about this exposure.”

After so many similar incidents, he said, it’s clear that organizations don’t have control over access to their data stored in the cloud.

“It’s not for a lack of tools, but a lack of understanding and implementation of the available tools,” Erlin said. “If you are storing data in the cloud, you can and should be able to audit the access permissions for that data on a continuous basis.”

VpnMentor is asking for assistance in identifying the owner of the database. “What service is used by 80 million homes across the U.S. – but only the U.S. – and only by people over 40? What service would collect your homeowner status and dwelling type but not your social security number? And what service records that you’re married but not how many children you have?” the company asked.

If you can answer those questions, the company wants to hear at its email info@vpnmentor.com.

Photo: benledbetter-architect/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Cookies

We employ the use of cookies. Find out more.