Security researchers discover an exposed server with private data on 80M US households

News
By published

The 24GB database contains names, ages, income brackets, marital statuses, and more.

Pixabay via dlohner. Click for original. (Image credit: Pixabay via dlohner)

A pair of security researchers say they have discovered a "hack" that affects 80 million American households, by way of information contained on an unsecured cloud server hosted by Microsoft on its Azure cloud platform.

The researchers did not get into the specifics of the hack, but did say that the 24GB database in question contains a wealth of private information, including full names, addresses, ages, dates of birth, marital statuses, what income bracket those affected fall into, and even the exact longitude and latitude of their location.

As far as the researchers are concerned, the open database is a veritable "goldmine for identity thieves and other attackers."

"This isn’t the first time a huge database has been breached. However, we believe that it is the first time a breach of this size has included peoples’ names, addresses, and income," the researchers stated in a blog post.

Noam Rotem and Ran Locar are the researchers who initially discovered the unprotected database. They then shared the their finding with vpnMentor, a site that reviews virtual private networks (VPNs).

"Although we investigated the database online, we didn’t download it. Our researchers felt that downloading it would be an ethical breach, as they would then illegally own personally identifiable data sets without peoples’ consent," vpnMentor stated.

According to vpnMentor, this is not a run-of-the-mill situation, as far as data breaches go. What makes this different is the number of people it potentially affects. There are around 127 million households in the US, and the data contained on the unsecured server represents over 62 percent of them. That potentially equates to hundreds of millions of individuals.

"I wouldn't like my data to be exposed like this," Rotem told CNET. "It should not be there."

Unfortunately, it's not clear who the server belongs to. It seems to me that Microsoft should be able to provide them with that info, though.

In the meantime, the researchers suspect it's a service of some kind—most likely an insurance, healthcare, or mortgage company—and are seeking help in identifying it. One clue that may help them find the owner is that most of the people listed in the database are at least 40 years old, many of them elderly. This is also concerning—Rotem points out that scammers could use this information to defraud them.

Paul Lilly
Paul Lilly

Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).

Latest in Hardware
A woman wearing a VR headset with dramatic, colourful lighting across the background
'World’s smallest LEDs' could lead to accurately lit screens with 127,000 pixels per inch and much more immersive VR
The NES themed 8BitDo Retro mechanical gaming keyboard on a blue background
I love the 8BitDo Retro C64 keyboard but I'd pick its cheaper NES-themed model near its lowest price ever during Amazon's Big Spring Sale
The snazzy red and black HyperX Cloud Alpha wireless headphones float in a teal void. The microphone is attached to the headset.
The best wireless gaming headset is now even better in the Amazon Big Spring Sale, boasting a more than $50 discount
A chip being held up in an Intel fab
Intel is reportedly 'working to finalize commitments from Nvidia' as a foundry partner, suggesting gaming potential for the 18A node
Amazon box
Don't panic! The 'Do Not Send Voice Recordings' option Amazon just removed was only used by 0.03% of customers and they can still have it
Digital generated image of people surrounded by interactive transparent and glowing panels with data. Visualising smart technology, blockchain and artificial intelligence
Now I shall demand the cookies! Proposed new browsing agreement turns the tables and lets users dictate terms to websites
Latest in News
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm
The heroes are attacked by monsters
Pillars of Eternity is getting turn-based combat to mark its 10th anniversary, and that means PC Gamer editors will soon be arguing about combat mechanics again
Image of Ronaldo from Fatal Fury: City of the Wolves trailer
It doesn't really make sense that soccer star Ronaldo is now a Fatal Fury character, but if you follow the money you can see how it happened
More about hardware
A woman wearing a VR headset with dramatic, colourful lighting across the background

'World’s smallest LEDs' could lead to accurately lit screens with 127,000 pixels per inch and much more immersive VR
The NES themed 8BitDo Retro mechanical gaming keyboard on a blue background

I love the 8BitDo Retro C64 keyboard but I'd pick its cheaper NES-themed model near its lowest price ever during Amazon's Big Spring Sale
kingdom come deliverance 2 thunderstone quest

Kingdom Come: Deliverance 2's masterful quest design can be summed up by one wonderfully weird search for a magic stone
See more latest
Most Popular
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm
The heroes are attacked by monsters
Pillars of Eternity is getting turn-based combat to mark its 10th anniversary, and that means PC Gamer editors will soon be arguing about combat mechanics again
Image of Ronaldo from Fatal Fury: City of the Wolves trailer
It doesn't really make sense that soccer star Ronaldo is now a Fatal Fury character, but if you follow the money you can see how it happened
Junah beginning a battle in Metaphor: ReFantazio.
Today's RPG fans are 'very sensitive to feeling like they wasted time' when they die, says Metaphor: ReFantazio battle planner—but Atlus still made combat hard anyway
Image of Cersei Lanniser from Game of Thrones: Kingsroad Steam early access trailer
A new Game of Thrones RPG is coming to Steam today with a cast of 'familiar faces,' which is good because it's really the only way to tell it's a GoT game at all
The new Prime Asset featured in the upcoming update for the Outlast Trials.
The Outlast Trials puts its already paranoid players under surveillance for a time-limited story event
A Viera looking confused in Final Fantasy 14.
Old armor continues to fall victim to Final Fantasy 14's bizarre two-channel dye system, unless you're super into changing the colour of teeny-tiny eyelets: 'Why even bother at this point?'