In a report last Friday, March 20, 2020, CyberNews revealed that an unsecured database has been compromised on the Internet. The database in question reportedly contained 800 gigabytes worth of personal user information, thus affecting approximately 200 million Americans. The server was traced and found to be linked to a Google Cloud server, notes CyberNews.
According to CyberNews, the database hosted on the Google Cloud server may have stemmed from the United States Census Bureau. It supposedly contained personally identifiable information of individuals and it was exposed for an undetermined period. The report included “more than 200 million detailed user records – putting an astonishing number of people at risk.”
The research team at CyberNews declared that the server has been left unsecured. In its attempts to discover who the database belonged to, the research team discovered that the data has been “wiped out by an unidentified party.”
Despite attempting to wipe off the data, the cybersecurity team notes that most of the codes found on the folders point to the United States Census Bureau. Codes were consistent with the agency’s classifications or were specific to the said bureau, notes CyberNews.
Included in the exposed information are full names of individuals, as well as home addresses and phone numbers. Email addresses, dates of birth, and credit ratings were also compromised. Tax records, mortgages, and other loans or credit information were also made available on the Internet.
Moreover, demographics were also made vulnerable to the public and attackers. In particular, information tackling genders and the number of children were revealed. Investments, charitable donations, and personal interests were also kept on record, reveals Forbes.
Prior to the data being wiped on March 3, Forbes states that CyberNews got wind of 80 million email addresses.
Besides the personally identifiable information, two separate folders seemingly unrelated to the bureau were also found on the server. These include Lyft’s 74 bike share stations as well as the emergency call logs of the U.S. fire department.
The implications of the massive data breach are slated to have repercussions, albeit on a more ‘controlled’ setting as Social Security numbers remain unexposed, said Forbes. However, individuals whose information was on the database could still be subjected to fraudulent activity. Most are also vulnerable to identity theft and scam-related activities.
As of writing, security researchers have yet to ascertain the extent of the Google Cloud data breach. Though there have yet to be reports of malicious use, individuals are advised to periodically check their accounts for unusual activity.
