cyber Breach

Exactis

Dec 31, 2023 1 min read
Exactis

Millions of American records that were left unprotected online were found by security researcher Vinny Troia as he was assessing the security of Elasticsearch installs that were made public.

Credit card numbers and Social Security numbers don't appear to be in the breach. It does include very specific information about every name, such as phone numbers, home addresses, email addresses, and other very private details.

The company collected consumer data on 218 million people and 110 million households, according to the Exactis website.

There are 88 million records in the repository with postal and email addresses, and 112 million records with home phone numbers.

Source: https://securityaffairs.com/74041/data-breach/exactis-data-breach.html

TPRM report: https://scoringcyber.rankiteo.com/company/exactis-llc

"id": "exa1636311223",
"linkid": "exactis-llc",
"type": "Data Leak",
"date": "07/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': ['218 million people',
                                               '110 million households'],
                        'industry': 'Data Broker',
                        'name': 'Exactis',
                        'type': 'Company'}],
 'attack_vector': 'Unprotected Elasticsearch Install',
 'data_breach': {'number_of_records_exposed': ['88 million records with postal '
                                               'and email addresses',
                                               '112 million records with home '
                                               'phone numbers'],
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Phone numbers',
                                              'Home addresses',
                                              'Email addresses',
                                              'Other private details']},
 'description': 'Millions of American records that were left unprotected '
                'online were found by security researcher Vinny Troia as he '
                'was assessing the security of Elasticsearch installs that '
                'were made public. The breach includes very specific '
                'information about every name, such as phone numbers, home '
                'addresses, email addresses, and other very private details. '
                'The company collected consumer data on 218 million people and '
                '110 million households.',
 'impact': {'data_compromised': ['Phone numbers',
                                 'Home addresses',
                                 'Email addresses',
                                 'Other private details']},
 'title': 'Exactis Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Publicly Accessible Database'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.