Exactis appears reluctant to offer any comments regarding the leak, however, the company has apparently shielded the data in question - so it's no longer available to the public.
A massive trove of consumer data containing information on as many as 230 million consumers and 110 million businesses may have been exposed by US marketing firm Exactis. But if the revelation that Exactis left 340 million records accessible to anyone who searched for it is any indicator, they aren't particularly good at protecting that data.
"It seems like this is a database with pretty much every USA citizen in it", Troia, who's also founder of New York-based security company Night Lion Security, told Wired, which also asked Troia to look up names in the database and confirmed the authenticity of some of the information, although some of it was outdated.
The records include home addresses, phone numbers, email addresses and other sensitive information for named individuals. According to Troia, the records are divided into dozens of different fields that can identify whether a person reads books, owns a dog or cat, or invests in real estate.
The server has since been secured, but this is another worrying tale of a company hoarding personal data with a lack of regard for security and privacy.
A little-known marketing firm may have exposed the personal information of every adult in the US.
A marketing firm has reportedly leaked detailed information on hundreds of millions of Americans online.
Iran’s Rouhani: Iran will not give in to pressure from Trump
The administration is warning its allies against buying Iranian oil by the time new sanctions take effect on November 4. In response to the U.S.' statements, Iran responded in a similar way as it does in general.
Troia said he informed Exactis and the Federal Bureau of Investigation that he was able to access the database on the internet earlier this month.
Among these results was the Exactis datatabase, totally unprotected.
Troia added, "I don't know where the data is coming from, but it's one of the most comprehensive collections I've ever seen".
The official Exactis website says it is "a leading compiler and aggregator of premium business and consumer data with over 3.5 billion records".
If these estimates are accurate, the leak would be even larger than the Equifax data breach of 2017, which exposed the personal data of around 145 million people. Troia wasn't specifically looking for a leak from the company; he was merely using the Shodan search tool to find ElasticSearch databases. Considering the current population of the United States is said to be around 325 million, chances are high that your information was on its servers.
It's not known exactly how many people were caught up in the data breach, but 340 million files were uploaded to a publicly accessible server.