Exactis left the records of 340M people, businesses wide open for anyone to grab

Marketing and data aggregation firm Exactis kept a database of around 340 million individual records on a publicly accessible server, Wired reports. Discovered by security researcher Vinny Troia from Night Lion Security, the data dump measured around two terabytes (2TB) and contained the personal information of around 230 million adults in North America along with 110 million businesses. Fortunately, credit card and social security numbers were not discovered within the data. 

“It seems like this is a database with pretty much every U.S. citizen in it,” Troia said. “I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen.” 

Troia could find just about everyone he knew in the data, and when he was asked to seek out 10 specific people, he quickly emerged with six. The data dump included simple information such as phone numbers, home addresses, and email addresses. But it also dug deep into each listed individual spanning more than 400 variables. For instance, the data listed whether individuals smoke, if they own pets, their preferred religion, favorite hobbies, and loads more. 

Troia came across the data dump while researching the security of Elasticsearch databases using the search tool Shodan. Because these databases can be queried over the internet using a command line, he scanned for publicly accessible Elasticsearch-based servers using North American IP addresses. The scan produced 7,000 results, one of which served up the unprotected Exactis data dump. 

Once he stumbled across the data dump and examined its contents, he contacted both the FBI and Exactis, the latter of which made the data inaccessible shortly after Troia’s notification. Still, anyone who performed an Elasticsearch scan prior to Troia likely discovered the Exactis data dump as well. 

So far there is no evidence of foul play, but the data could already be circulating on the dark web. There is supposedly enough information in the data to produce scam campaigns even though financial and social security data isn’t present. 

According to Exactis, the company plays host to 3.5 billion “consumer, business, and digital records.” Among that data is supposedly 110 million households in the U.S., 218 million individuals, 88 million records tying email addresses to postal addresses, and 112 million records with residential phone numbers. 

“Data is the fuel that powers Exactis,” the company boasts. “Layer on hundreds of selects including demographic, geographic, lifestyle, interests, and behavioral data to target highly specific audiences with laser-like precision.” 

The Exactis data dump surpasses the data breach seen by Equifax in 2017, which saw the data of 145.5 million individuals stolen by hackers. The difference here is that hackers didn’t infiltrate Exactis’ network, but rather the company simply left data exposed on a publicly accessed server. The situation is similar to what happened in June 2017 where the details of 198 million American voters were left unsecured on a publicly accessed cloud server. 

What makes this data exposure scary is that Exactis may have your data and you don’t even know it. Even more, that data was left exposed with the potential to be scooped up by scammers.


Has Columbus, Ohio raised its IQ yet? A progress report from the mayor

Two years ago, the city of Columbus in Ohio received $40 million to pursue smart city initiatives. So, what’s happened since then? We spoke with its mayor, Andrew Ginther, to discuss progress and what’s ahead.

Chinese court upholds Qualcomm's complaint that Apple infringed on two patents

Apple is following the FTC's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.

Can Microsoft’s Airband Initiative close broadband gap for 25M Americans?

A new report from the Federal Communications Commission (FCC) says that 25 million Americans do not have access to broadband internet. Of these, more than 19 million are living in rural communities. Can Microsoft help out?

With 20,000 sites swallowed up, a botnet is eating WordPress alive

A botnet of infected WordPress sites has been attacking other WordPress sites, generating up to five million malicious logins on certain WordPress backends within the last thirty days.

Is your PC slow? Here's how to restore Windows 10 to factory settings

Computers rarely work as well after they accumulate files and misconfigure settings. Thankfully, with this guide, you'll be able to restore your PC to its original state by learning how to factory reset Windows.

The Titan RTX graphics card is nearly here. Here's what you need to know

The Nvidia Titan RTX is arguably the most powerful consumer graphics card ever made, even if it's not really aimed at consumers. It bridges the 2080 Ti and RTX Quadro cards with boat loads of power.

Leak reveals that Nvidia’s RTX 2060 gaming chipsets will be headed to laptops

The latest leaks of Nvidia's upcoming RTX 2060 have given performance benchmarks and further detail about the future chipset and its capabilities, while a RTX 2060 Max-Q variant has also been discovered for thin and light gaming machines.

Looking for an Apple MacBook below $900? Woot has you covered

If you're looking for a great deal on an Apple MacBook, then Amazon's Woot may just have what you have been seeking. It has Macbooks available for only $810 with Intel M3 CPUs, 8GB of RAM, and 256GB SSDs.

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.

New rumors say the Pixelbook 2 could show up at CES 2019

What will the Pixelbook 2 be like? Google hasn't announced it, but thanks to rumors and leaks, we think we have a pretty good idea of what the potential new flagship Chromebook will be like.

A dead pixel doesn't mean a dead display. Here's how to repair it

Dead pixel got you down? We don't blame you. Check out our guide on how to fix a dead pixel and save yourself that costly screen replacement or an unwanted trip to your local repair shop.

You could spend $1,000 on an iPhone, or buy one of these awesome laptops instead

Finding a decent laptop is easy, but finding one under $1,000 is a bit tricky. Luckily, we've taken some of the guesswork out of picking out a budget laptop. Here are some of our favorites, the best laptops under $1,000.

Don't know what to do with all your old DVDs? Here's how to convert them to MP4

Given today's rapid technological advancements, physical discs are quickly becoming a thing of the past. Check out our guide on how to convert a DVD to MP4, so you can ditch discs for digital files.

Here’s how to install Windows on a Chromebook

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so, just in case you're looking to nab some Windows-only…