Skip to Content
© Egor Kotenko |
Security & privacy

Massive data leak exposes 1.2 billion records online

Data is big business in today’s world. Companies, marketers and researchers will pay out the nose for consumer information like interests and spending habits. Click or tap to see what Facebook does with the data it collects on you.

But the corporate world isn’t the only group interested in your data. Hackers, people searchers and cybercriminals are obsessed with compiling data too. With just a name, a face and a phone number, it’s easy to impersonate just about anyone online.

Malicious data collection is bad, but what happens when billions of peoples’ information is stored on an unsecured platform? It’s a recipe for identity theft and disaster. Well, surprise, surprise. That’s exactly what happened. Here’s what you need to know.

Mysterious server contains database with billions of harvested profiles

According to new reports from Wired, an unsecured server containing profile information from billions of users was discovered on Google Cloud Services. Initially discovered by dark web researcher Vinny Troia, the database appears to have been compiled by entities using third-party people search services.

RELATED: Click or tap to see what people search websites know about you and how to remove it.

The datasets in the server were labeled with the names of several prominent people search companies, such as PDL Labs of San Francisco, California. PDL Labs acknowledged the data matches the type of information they have on file, but they claimed no responsibility for hosting it without any security.

Analysts speculate it’s very likely the data was intentionally left in the open, so hackers and cybercriminals had access to billions of profiles for their schemes.

The server contained information like home and cell phone numbers, full Facebook and Twitter profiles and LinkedIn work histories. This data could easily be used for identity theft or SIM swapping scams. Click or tap here to see why SIM swapping scams are such dangerous forms of identity theft.

Could my data be part of this leak?

No obvious culprit or motive has been discovered behind the leak yet, but based on the numbers alone, there’s a good chance you or someone you know is affected by it. Thankfully, most of the data contained in the leak is information that could be public anyway.

Much of the data was harvested by people search websites — which anyone can buy from. The primary issue here is that the data is compiled into one place with no protections. That makes it an attractive option for hackers and identity thieves to get a head start on their targets.

So what’s the best way to fight against identity theft from this enormous leak? There are a few things you can do, but if you haven’t noticed any obvious signs like missing money, new accounts in your name or strange inquiries from your mobile carrier, you’re probably safe for now.

Instead, you should look at this incident as an opportunity to safeguard your data before anyone has a chance to strike. Start by changing the privacy settings on your social media profiles. Click or tap here to learn how to go dark on social media.

Make sure to keep a clear eye on your bank accounts and credit reports. If you find an account has been opened in your name, or if you want to err on the side of caution, freeze your credit. This will prevent anyone from opening any accounts in your name. Click or tap here to learn more about credit freezes.

Refer friends, earn rewards

Share your source of digital lifestyle news, tips and advice with friends and family, and you'll be on your way to earning awesome rewards!

Get started