Alteryx personal data leak affects millions: Are you affected?

By: Madeleine Dean
2 minute read
Alteryx data leak

Keeping your personal information safe is getting more and more difficult. Hackers are working day and night to get their hands on your personal data, websites use cookies and other tracking tools to influence your behavior and more.

As if this weren’t enough, accidental data leaks make is very easy for your personal information to fall into the wrong hands.

The latest such example is the Alteryx data leak that affected millions of American households.

Amazon Web Services cloud storage was the repository

Cybersecurity researchers from UpGuard recently discovered that a cloud-based data repository containing data from Alteryx about millions of persons was left publicly exposed.

In October, UpGuard came across an Amazon Web Services S3 cloud storage bucket containing sensitive information.

The problem was that the default security settings allowed any AWS “Authenticated Users” to download data, as UpGuard explains.

In practical terms, an AWS “authenticated user” is “any user that has an Amazon AWS account,” a base that already numbers over a million users; registration for such an account is free. Simply put, one dummy sign-up for an AWS account, using a freshly created email address, is all that was necessary to gain access to this bucket’s contents.

While the folder does not contain any names, personal details such as addresses, phone numbers, hobbies, income and even mortgage information are indeed available, which makes it rather easy to identify the respective persons.

UpGuard researchers believe that the data actually comes from an Alteryx product.

The good news is that Alteryx already secured the database and is no longer available to the public.

Another wake-up call about privacy protection issues

Data privacy and security is one of the biggest problems in the IT industry. The entities handling sensitive personal information sometimes commit childish errors that leave millions exposed. Moreover, as UpGuard explains, most enterprises don’t even have the ability to assess the security strategies of external vendors.

[…] the concentration of publicly and commercially-gleaned data about tens of millions of American households, and the exposure of this data to anyone with a free AWS account entering a URL, shows just how devastating an exposure can be at an enormous scale. The data exposed in this bucket would be invaluable for unscrupulous marketers, spammers, and identity thieves, for whom this data would be largely reliable and, more importantly, varied. With a large database of potential victims to survey – with such details as “mortgage ownership” revealed, a common security verification question – the price could be far higher than merely bad publicity.

Taking into account this recent piece of news, check out the articles below to learn how you can protection personal information:

Next up

New Xbox Elite controller leaks with improved specs & features

By: George Finley
2 minute read

Microsoft already has in store a great piece of hardware that fans are looking forward to testing as soon as possible. We are referring to […]

Continue Reading

KB4057142 and KB4057144 fix the bugs caused by previous Win10 updates

By: Madeleine Dean
2 minute read

If you run Windows 10 version 1607 (aka Anniversary Update) or Windows 10 version 1703 (aka Fall Creators Update) on an AMD powered computer, then […]

Continue Reading

Windows 10 KB4073290 fixes AMD bootup issues but install may fail for some

By: Madeleine Dean
2 minute read

The recent Windows 10 updates aimed at fixing the Meltdown and Spectre CPU vulnerabilities also brought some issues of their own, as many users reported. […]

Continue Reading