48 million people put at risk after firm that scraped info from social networks left it exposed for anyone to download
Chances are that you’ve never heard of Washington-based data firm LocalBlox. But that doesn’t mean that they haven’t heard of you. And it doesn’t mean that your personal information hasn’t been recklessly exposed through their sloppy disregard for the most basic security.
As Zack Whittaker of ZDNet reports, Localblox scooped up information from the personal profiles of some 48 million users of social networks like Facebook, LinkedIn, Twitter, and real-estate site Zillow without their consent.
The data LocalBlox collated included names, email addresses, dates of birth, postal addresses, and even – in some cases – individuals’ net worth.
LocalBlox then consolidated that sensitive information into a single unencrypted file over 1.2 terabytes in size, and placed it on an Amazon S3 bucket.
If you’ve been following past data breaches you can probably guess the worst part of this story – you didn’t need a password to access LocalBlox’s Amazon S3 bucket, meaning anybody in the world could ..