Nearly one-third of the US population has had their sensitive personal data exposed in a massive new breach, according to security researchers.
The background check company MC2 Data has left a stunning amount of information out in the open, likely due to human error, reports Cybernews.
The data includes names, emails, IP addresses, user agents, encrypted passwords, partial payment information, home addresses, dates of birth, phone numbers, property records, legal records, family, relatives, neighbors’ data and employment history.
“On August 7th, the Cybernews research team uncovered that the company left a database with 2.2TB of people’s data passwordless and easily accessible to anyone on the internet…
The exposure of a large volume of personally identifiable information (PII) violates privacy and puts countless individuals at risk of identity theft and other malicious attacks.”
MC2 Data shares over two billion public records from thousands of sources, according to the Better Business Bureau, and operates under the name PrivateRecords.
Companies that hold sensitive data en masse are subject to laws designed to keep that information safe.
At the federal level, the Fair Credit Reporting Act (FCRA) is one such law designed to ensure consumer information in background checks is collected, used, and stored responsibly.
The act mandates companies providing consumer reports including background checks adopt reasonable procedures to preserve data accuracy, confirm that information is used only for legal purposes and prevent unauthorized access or use of the information.
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inboxGenerated Image: Midjourney