Alteryx personal data leak affects millions: Are you affected?
As if this weren’t enough, accidental data leaks make is very easy for your personal information to fall into the wrong hands.
The latest such example is the Alteryx data leak that affected millions of American households.
Amazon Web Services cloud storage was the repository
Cybersecurity researchers from UpGuard recently discovered that a cloud-based data repository containing data from Alteryx about millions of persons was left publicly exposed.
In October, UpGuard came across an Amazon Web Services S3 cloud storage bucket containing sensitive information.
The problem was that the default security settings allowed any AWS “Authenticated Users” to download data, as UpGuard explains.
In practical terms, an AWS “authenticated user” is “any user that has an Amazon AWS account,” a base that already numbers over a million users; registration for such an account is free. Simply put, one dummy sign-up for an AWS account, using a freshly created email address, is all that was necessary to gain access to this bucket’s contents.
While the folder does not contain any names, personal details such as addresses, phone numbers, hobbies, income and even mortgage information are indeed available, which makes it rather easy to identify the respective persons.
UpGuard researchers believe that the data actually comes from an Alteryx product.
The good news is that Alteryx already secured the database and is no longer available to the public.
Another wake-up call about privacy protection issues
Data privacy and security is one of the biggest problems in the IT industry. The entities handling sensitive personal information sometimes commit childish errors that leave millions exposed. Moreover, as UpGuard explains, most enterprises don’t even have the ability to assess the security strategies of external vendors.
[…] the concentration of publicly and commercially-gleaned data about tens of millions of American households, and the exposure of this data to anyone with a free AWS account entering a URL, shows just how devastating an exposure can be at an enormous scale. The data exposed in this bucket would be invaluable for unscrupulous marketers, spammers, and identity thieves, for whom this data would be largely reliable and, more importantly, varied. With a large database of potential victims to survey – with such details as “mortgage ownership” revealed, a common security verification question – the price could be far higher than merely bad publicity.
Taking into account this recent piece of news, check out the articles below to learn how you can protection personal information:
- Best Privacy Protection Software for Windows 10
- These are the best Chrome extensions to protect your privacy in 2017
- 10 best VPN software clients for Windows 10
Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]
The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]