Cybersecurity firm UpGuard has revealed a massive data records leak involving an information search service company.
According to UpGuard, an intelligence company took the data records of about 48 million without consent from social media networks like LinkedIn, Facebook, Zillow, and Twitter.
LocalBlox, a U.S.-based private intelligence platform reportedly crawls, discovers, extracts, indexes, maps, and augments data from the web and other exchanged networks automatically in different formats.
However, earlier this year, the company left a considerable portion of the data it has gathered in a public but unlisted Amazon S3 storage bucket without any password. This allegedly gave anyone access to the file, allowing them to download its content freely.
The exposed data includes names, addresses, birth dates, and other public information scraped from social media.
“The exposed LocalBlox dataset combines standard personal information like name and address, with data about the person’s internet usage, such as their LinkedIn histories and Twitter feeds,” UpGuard said in a statement.
Apparently, the combination of the information could be used to build a three-dimensional picture of the people affected by the data breach. If exploited, cybercriminals would be able to know who the people are on the list, what they talk about, what they like, and even their occupation.
“In essence a blueprint from which to create targeted, persuasive content, like advertising or political campaigning. If the legitimate uses of the data aren’t enough to give pause, the illegitimate uses range from traditional identity theft to fraud, to ammunition for social engineering scams such as phishing,” UpGuard explained.
UpGuard reportedly discovered the unprotected file in an AWS S3 bucket last February 18th, 2018. The bucket contained a 151.3 GB compressed file. When decompressed, it revealed a 1.2 TB newline-delineated json file. The metadata in the header file indicated LocalBlox as the owner.
This latest data records breach is just one among many recent scandals involving tech companies and their data gathering practices. As you’ve probably seen, earlier this month Facebook’s CEO, Mark Zuckerberg, faced a congressional inquiry following the Cambridge Analytica scandal that compromised the information of over 80 million Facebook users.