Alteryx personal data leak affects millions: Are you affected?

Madeleine Dean By: Madeleine Dean
2 minute read
Alteryx data leak

Home » Alteryx personal data leak affects millions: Are you affected?

Keeping your personal information safe is getting more and more difficult. Hackers are working day and night to get their hands on your personal data, websites use cookies and other tracking tools to influence your behavior and more.

As if this weren’t enough, accidental data leaks make is very easy for your personal information to fall into the wrong hands.

The latest such example is the Alteryx data leak that affected millions of American households.

Amazon Web Services cloud storage was the repository

Cybersecurity researchers from UpGuard recently discovered that a cloud-based data repository containing data from Alteryx about millions of persons was left publicly exposed.

In October, UpGuard came across an Amazon Web Services S3 cloud storage bucket containing sensitive information.

The problem was that the default security settings allowed any AWS “Authenticated Users” to download data, as UpGuard explains.

In practical terms, an AWS “authenticated user” is “any user that has an Amazon AWS account,” a base that already numbers over a million users; registration for such an account is free. Simply put, one dummy sign-up for an AWS account, using a freshly created email address, is all that was necessary to gain access to this bucket’s contents.

While the folder does not contain any names, personal details such as addresses, phone numbers, hobbies, income and even mortgage information are indeed available, which makes it rather easy to identify the respective persons.

UpGuard researchers believe that the data actually comes from an Alteryx product.

The good news is that Alteryx already secured the database and is no longer available to the public.

Another wake-up call about privacy protection issues

Data privacy and security is one of the biggest problems in the IT industry. The entities handling sensitive personal information sometimes commit childish errors that leave millions exposed. Moreover, as UpGuard explains, most enterprises don’t even have the ability to assess the security strategies of external vendors.

[…] the concentration of publicly and commercially-gleaned data about tens of millions of American households, and the exposure of this data to anyone with a free AWS account entering a URL, shows just how devastating an exposure can be at an enormous scale. The data exposed in this bucket would be invaluable for unscrupulous marketers, spammers, and identity thieves, for whom this data would be largely reliable and, more importantly, varied. With a large database of potential victims to survey – with such details as “mortgage ownership” revealed, a common security verification question – the price could be far higher than merely bad publicity.

Taking into account this recent piece of news, check out the articles below to learn how you can protection personal information:

Discussions

Next up

People bar to be dropped in upcoming Windows 10 version

Giles Ensor avatar. By: Giles Ensor
2 minute read

Reports are being circulated that Microsoft intends to drop the People bar feature in the Windows 10 19H1 update. The original report came from a […]

Continue Reading

Warning! Nasty new Office 365 phishing attack doing the rounds

Giles Ensor avatar. By: Giles Ensor
2 minute read

A new and very nasty phishing attack has been doing the rounds, and it is extremely difficult to spot. Here is what you need to […]

Continue Reading

6 best personal cloud storage solutions for your files and folders

Daniel Segun By: Daniel Segun
Less than a 1 minute read

Are you looking for the best personal cloud storage application for your Windows 10 PC? Windows Report has got you covered! File storage has come […]

Continue Reading