UPDATED 20:52 EST / SEPTEMBER 03 2020

SECURITY

38M records linked to marketing company working with media found online

Personal details relating to more than 38 million U.S. citizens compiled by an online marketing company have been found exposed online in the latest case of misconfigured cloud storage.

The data, uncovered by researchers at Cybernews, was linked to a company called View Media that has worked on digital marketing campaigns in the past, including with Tribune Media and the Times Media Group. The data included 38,765,297 records of U.S. citizens in total, of which 23,511,441 were unique.

The Amazon Web Services Inc. S3 bucket included full names, addresses, zip codes, emails and phone numbers. In addition to work documents and user records, the bucket also contained thousands of files for various marketing materials, such as banner advertisements, newsletters and promotional flyers.

Some example work documents included an order from Tribune Digital to target women aged 35 to 64 with an income of more than $50,000 per year who were identified as charitable donors. Another worksheet for a company described as Gray CINC targeted high-income business travelers.

SiliconANGLE was not able to identify with certainty which View Media was involved in the data exposure. Multiple companies use the name online across the world. The likely candidate, View Media Inc., may have gone out of business, since its website currently shows ads for Viagra, but according to archive.orit had previously offered services in line with the data found exposed in this case.

The AWS S3 bucket is no longer online. Cybernews noted that it has no way of knowing whether the data has been accessed by nefarious actors prior to it coming down.

Although the data contains only basic information and nothing such as passwords, Social Security numbers or other more private information, data such as this is always useful to scammers who are looking for ways to target people.

Potential users for such data include phishing scams, robocalls, random email spam and more. The need for ongoing education in secure online cloud storage remains a must.

As Javvad Malik, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE previously, “it is important to bear in mind the need for security and while the platforms are on the whole secure, the responsibility lies with the organization to ensure the data they store in cloud databases is secured with the right permissions. Too often, these databases are left exposed to the world instead of being kept private.”

Image: Tribune Media

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU