Tuesday, 30 April 2019

Unsecured database of 50m found on Azure

In the latest blow to consumer privacy, researchers have discovered that the addresses and personal details of over 80m US households have been left unsecured in a cloud database.

The group of independent security researchers, led by Noam Rotem, have found that the unidentified database contains names, ages and genders as well as income levels and marital status. Some of the information such as gender, marital status and income level is coded while the names, ages and addresses are not.

Fortunately, the data stored in the database does not include any payment information or Social Security numbers.

Rotem and his team have verified that the data is accurate but the team of researchers did not download the data in order to minimize the invasion of privacy of those whose information is listed.

Exposed database

Rotem partnered with the Israeli VPN review site VPNMentor to conduct his research and in a recently published blog post, the company called on the public to help identify the owner of the database hosted on Microsoft Azure.

Securing the data inside the database is not Microsoft's responsibility but rather that of its owners. However, if the owner can be identified, the company could contact its customer to let it know of the problem.

The server hosting the data first came online February according to Rotem who discovered it in April using tools he had developed to search for and catalog unsecured databases.

The database contains information about adults aged 40 and over who could be even more susceptible to scammers trying to obtain their information to try to defraud them.

Rotem's discovery of the unsecured database could lead to its owner being identified but even more so, his research sheds light on the fact that open databases full of valuable user information exist online and could make online fraud even easier for cybercriminals.

Via CNET

  • Protect your online privacy with the best VPN


from TechRadar - All the latest technology news http://bit.ly/2ZMkNLG

No comments:

Post a Comment