A new data breach may have exposed personal information of almost every American adult
A little-known Florida company may have exposed the personal data of nearly every American adult, according to a new report. Wired reported Wednesday that Exactis, a Palm Coast, Fla.-based marketing and data-aggregation company, had exposed a database containing almost 2 terabytes of data, containing nearly 340 million individual records, on a public server. That included records of 230 million consumers and 110 million businesses.
While the database apparently does not include credit-card numbers or Social Security numbers, it does include phone numbers, email and postal addresses as well as more than 400 personal characteristics, such as whether a person is a smoker, if they own a dog or cat, their religion and a multitude of personal interests. Even though no financial information was included, the breadth of personal data could make it possible to profile individuals or help scammers steal identities. Troia told Wired that he was easily able to access the database on the internet, and in theory, plenty of other people could have too.
He said he warned Exactis and the FBI about the vulnerability, and the data is no longer publicly accessible. On its website, Exactis said it maintained 3.5 billion consumer, business and digital records, including “demographic, geographic, firmographic, lifestyle, interests, CPG, automotive, and behavioral data.” The company said it has data on 218 million individuals and 110 million U.S. households.
There are about 325 million residents in the U.S., with about 244 million adults and 126 million households, according to the U.S. Census Bureau.