cyber Breach

Localblox

Dec 24, 2023 1 min read
Localblox

An AWS bucket from the private intelligence firm LocalBlox was discovered to be unguarded online; it held 48 million records that were also taken from Twitter, Facebook, and LinkedIn.

Names, physical addresses, and birth dates that were obtained via social media are included in the records. The current Cambridge Analytica case comes to mind first.

The stolen information was gathered from many sources and combined with IP addresses. For instance, names, street addresses, dates of birth, and employment histories were taken from Zillow real estate data and LinkedIn, Facebook, and Twitter.

Payday loan providers and acquired datasets are further sources. This finding shows that numerous additional organisations utilise social media scraping to get user data for various uses.

Source: https://securityaffairs.com/71534/data-breach/localblox-data-leak.html

TPRM report: https://scoringcyber.rankiteo.com/company/localbloxinc

"id": "loc347251223",
"linkid": "localbloxinc",
"type": "Breach",
"date": "04/2018",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Data Intelligence',
                        'name': 'LocalBlox',
                        'type': 'Private Intelligence Firm'}],
 'attack_vector': 'Unsecured AWS Bucket',
 'data_breach': {'number_of_records_exposed': 48000000,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Employment Histories',
                                              'IP Addresses']},
 'description': 'An AWS bucket from the private intelligence firm LocalBlox '
                'was discovered to be unguarded online; it held 48 million '
                'records that were also taken from Twitter, Facebook, and '
                'LinkedIn. Names, physical addresses, and birth dates that '
                'were obtained via social media are included in the records. '
                'The current Cambridge Analytica case comes to mind first. The '
                'stolen information was gathered from many sources and '
                'combined with IP addresses. For instance, names, street '
                'addresses, dates of birth, and employment histories were '
                'taken from Zillow real estate data and LinkedIn, Facebook, '
                'and Twitter. Payday loan providers and acquired datasets are '
                'further sources. This finding shows that numerous additional '
                'organisations utilise social media scraping to get user data '
                'for various uses.',
 'impact': {'data_compromised': ['Names',
                                 'Physical Addresses',
                                 'Birth Dates',
                                 'Employment Histories',
                                 'IP Addresses']},
 'motivation': 'Data Collection',
 'title': 'LocalBlox Data Exposure',
 'type': 'Data Exposure',
 'vulnerability_exploited': 'Misconfigured AWS Bucket'}
Published by
Roshni Ray
Roshni Ray
You might also like
Ransomware cyber

IdeaLab

public 1 min read
IdeaLab, a California-based technology startup incubator, experienced a data breach in October 2024 where hackers accessed sensitive information. The Hunters…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.