Cyber forensics course specialists have reported a cyberattack that has affected more than 80 million of property owners in the U.S. The attack campaign is reportedly still active, so the number of people affected could increase in the next few days.
Ran Locator and Noam Rotem, renowned cyber activists, discovered an exposed database; the activists report that the information contained in the database could leave more than 65% of households in the United States in a compromising situation.
The database, hosted on a Microsoft server in the cloud, contains more than 24 GB of information from U.S. residents, and appears to include more detailed descriptions of households than individuals. Stored data include:
- Full names of the inhabitants
- Income levels
- Marital status
- Full address of the house
- House’s exact longitude and latitude
It is still unknown to whom this database belongs, although due to the presence of the indicators “member_code” and “score”, which are present at each entry, the cyber forensics course specialists believe that the database operator is some kind of service company.
Although data breach incidents have become commonplace nowadays, the type of information exposed in this database is unusual and really detailed, so millions of people are exposed to multiple variants of malicious activity.
For example, cyber forensics course specialists consider that if a hacker has access to a person’s full name, it can be very simple to guess their email address as well as that of their relatives (it is very common for people to use an email address format composed by firstname.lastname@example.org).
On the other hand, specialists from the International Institute of Cyber Security (IICS) consider that these people could be victims of multiple phishing variables, which could open the way to other variables of cyberattack, such as espionage, information theft, ransomware infection, etc.
As if this were not enough, the fact that the database contains so many personal details could also jeopardize the physical integrity of people, because everything that is required to know the profile and routine activities of a person is just a Google search away.