Alteryx personal data leak affects millions: Are you affected?

2 minute read
Alteryx data leak

Home » News » Alteryx personal data leak affects millions: Are you affected?

Keeping your personal information safe is getting more and more difficult. Hackers are working day and night to get their hands on your personal data, websites use cookies and other tracking tools to influence your behavior and more.

As if this weren’t enough, accidental data leaks make is very easy for your personal information to fall into the wrong hands.

The latest such example is the Alteryx data leak that affected millions of American households.

Amazon Web Services cloud storage was the repository

Cybersecurity researchers from UpGuard recently discovered that a cloud-based data repository containing data from Alteryx about millions of persons was left publicly exposed.

In October, UpGuard came across an Amazon Web Services S3 cloud storage bucket containing sensitive information.

The problem was that the default security settings allowed any AWS “Authenticated Users” to download data, as UpGuard explains.

In practical terms, an AWS “authenticated user” is “any user that has an Amazon AWS account,” a base that already numbers over a million users; registration for such an account is free. Simply put, one dummy sign-up for an AWS account, using a freshly created email address, is all that was necessary to gain access to this bucket’s contents.

While the folder does not contain any names, personal details such as addresses, phone numbers, hobbies, income and even mortgage information are indeed available, which makes it rather easy to identify the respective persons.

UpGuard researchers believe that the data actually comes from an Alteryx product.

The good news is that Alteryx already secured the database and is no longer available to the public.

Another wake-up call about privacy protection issues

Data privacy and security is one of the biggest problems in the IT industry. The entities handling sensitive personal information sometimes commit childish errors that leave millions exposed. Moreover, as UpGuard explains, most enterprises don’t even have the ability to assess the security strategies of external vendors.

[…] the concentration of publicly and commercially-gleaned data about tens of millions of American households, and the exposure of this data to anyone with a free AWS account entering a URL, shows just how devastating an exposure can be at an enormous scale. The data exposed in this bucket would be invaluable for unscrupulous marketers, spammers, and identity thieves, for whom this data would be largely reliable and, more importantly, varied. With a large database of potential victims to survey – with such details as “mortgage ownership” revealed, a common security verification question – the price could be far higher than merely bad publicity.

Taking into account this recent piece of news, check out the articles below to learn how you can protection personal information:


Next up

Top 5 cross-platform cloud backup services to keep your data safe

Daniel By: Daniel
Less than a 1 minute read

Cloud backup, which is otherwise known as online backup, has become a necessity for computer users today. Due to the spate of file/data theft, loss, […]

Continue Reading

GameStop pre-owned games don’t work

Vladimir Popescu avatar. By: Vladimir Popescu
3 minute read

If your visit to GameStop concluded in buying some pre-owned games that don’t work, you are not the only one. A large number of people […]

Continue Reading

[FIX] Server execution failed error inside the Add roles and features

Vladimir Popescu avatar. By: Vladimir Popescu
3 minute read

If you find yourself looking at a Server execution failed error inside the Add roles and Features wizard, you must know you are not the […]

Continue Reading