- The security researcher finds an unusual 38 GB database containing 10,820 records
- Names, postal addresses and more leaked to the open Internet
- The file, owned by IMDATACENTER is now closed
It has been found that IMDATACENTR, a data hygiene provider, improvement and opening of Florida headquarters, it has been found that thousands of open internet confidential records leaked.
Security researcher Jeremiah Fowler discovered a non -encrypted database and not protected by raisins, which contains 10,820 records. It had a 38 GB size, with most .CSV spreadsheet files with “thousands or hundreds of thousands of pii rows.”
There is still no evidence of abuse in nature, but the PII (identification information personally) included names of people, postal addresses, email addresses, telephone numbers and lifestyle information or property.
Blocking the database
“The records seemed to be a storage repository for customer orders labeled such as” reports “and” results, “Fowler told Website planet.
“The names of the files indicated that these lists were used for multiple purposes, including potential sales and marketing customers for industries such as insurance, solar, elections, car guarantees, hospitals, medical care providers and more.”
IMDATACENTER is a Brooks Integrated Marketing division based in Florida, which offers a platform to improve marketing data, including identity resolution, phone opening and email, complete integrated marketing opening (top) and more.
The platform data library covers 260 million people, 130 million homes, 600 million emails, 550 million telephone numbers and more.
Fowler contacted the company to warn them about escape information, and the database was blocked shortly after.
“Data security is also really important for us and we really appreciate that you share this information with us,” they told the researcher. “We are working to ensure information as soon as possible.”
The researcher also emphasized that many companies hire third -party service providers to possess and manage such databases. It is unknown who maintains the imdatacenter. It is also unknown if any malicious actor found the database in the past or abused it of phishing, identity theft or similar impersonation attacks.
