The database exposed, has more than 33 million records along with unique e-mail addresses and information related to the thousands of company employees which includes a large fraction of US corporate population.
The business services giant Dun and Bradstreet assured that they own the database which they gained as a part of 2015 deal to buy NetProspex for $125 million.
The data includes dozens of information that is private as well as corporate data. It is used for marketers who directly target their own e-mail campaigns and through other interactions methods for current and future customers.
A breach notification site ‘’ Have I been pwned’’ runner Troy Hunt analyzed these records and said, ‘’ The breakdown was entirely US-focused, with California as the most represented demographic with over four million records, then New York with 2.7 million records and Texas with 2.6 million records.’’
Hunt’s analysis revealed that the department of defense is the leading group with 101,013 employee records, followed by US postal service with 88,153 employee records along with US Army, Air Force and department of veteran affairs with combined 76,379 records. Also, AT&T, Boeing, Dell, FedEx, IBM and Xerox were among the top named companies in database with thousands of employee records.
Hunt also in his e-mail said, “It also serves as a reminder that we’ve lost control of our privacy; the vast majority of people in the data set would have no idea their information is being sold in this fashion and they certainly don’t have any control over it.”
Prior to the publication Dun and Bradshaw in an e-mail statement said that “We’ve carefully evaluated the information that was shared with us and it is of a type and in a format that we deliver to customers every day. Based on our analysis, it was not accessed or exposed through a Dun & Bradstreet system.”
Dun and Bradstreet while clearing the situation said that the company contains data that is generally public available business contact used for marketing and sales purposes.
While Hunt in opposing said that the data would make it easy for cyber-criminals to use the information and trick the employee’s by using their financial information.
This type of activity is not clear that whether it falls within the privacy data protection or not, though the executive said that the database was ‘’completely complaint’’ with US privacy laws.
Share this article
About the Author
Waqas is a cybersecurity journalist and writer who has a knack for writing technology and online privacy-focused articles. He strives to help achieve a secure online environment and is skilled in writing topics related to cybersecurity, AI, DevOps, Cloud security, and a lot more. As seen in: Computer.org, Nordic APIs, Infosecinstitute.com, Tripwire.com, and VentureBeat.
More from Iam WaqasRelated Posts
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
KEY TAKEAWAYS Unblocking streaming content from Amazon Prime is easy only if you know the reliable V...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2024. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interf...
