Jump to content

Online marketing company exposes 38+ million US citizen records

HempBoosh
By HempBoosh
in Tech News
 Share
Posted

Summary

The CyberNews research team discovered an unsecured data bucket that belongs to View Media, an online marketing company. The bucket contains close to 39 million US user records, including their full names, email and street addresses, phone numbers and ZIP codes.

On July 29, the exposed View Media bucket was closed by Amazon and is no longer accessible.

 

Quotes

Quote

 

The publicly available Amazon S3 bucket contained 5,302 files, including:
  • 700 statement of work documents for targeted email and direct mail advertising campaigns stored in PDF files
  • 59 CSV and XLS files that contained 38,765,297 records of US citizens in total, of which 23,511,441 records were unique
The user record files were created based on locations and ZIP codes that the marketing company’s campaigns were targeting and contained full names, addresses, zip codes, emails, and phone numbers of people based in the US.

 

Quote

The unsecured Amazon S3 bucket appears to belong to View Media, an online marketing company that specializes in email marketing, display advertising, design, hosting, direct mails, date sales, and other digital marketing services. The company offers targeted marketing services to American publishing brands like Tribune Media and Times Media Group.

 

My thoughts

This is a huge amount of personal data and it's frustrating that the company refused to comment or even notify users of this leak. It's really annoying that we have to suffer because some company decides it would be better to save face. We really need to hold these companies more accountable.

 

Sources

https://cybernews.com/security/online-marketing-company-exposes-data-of-millions-americans/

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

It's the new normal. If you're large enough like a major US credit agency, you don't even get a slap on the wrist. More like a stern look and a shake of the index finger.

 

#same as it ever was.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Every time I see one of these headlines, im internally saying to myself "Please don't be another bucket breach...  Please don't be another bucket breach...  GOD DAMMIT ITS ANOTHER BUCKET BREACH, WHY ARE PEOPLE SO DAMN STUPID?"  It takes effort to make an s3 bucket insecure.  How do people keep screwing that up?

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

At this rate someone will stage a robbery to steal hard drives from Amazon's servers.

Specs: Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16-18-18-36 2x8GB

            CPU: Ryzen 9 5900X          Case: Antec P8     PSU: Corsair RM850x                        Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

            Drives: Samsung 970 EVO plus 250GB, Micron 1100 2TB, Seagate ST4000DM000/1F2168 GPU: EVGA RTX 2080 ti Black edition

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
28 minutes ago, williamcll said:

At this rate someone will stage a robbery to steal hard drives from Amazon's servers.

Nah. At the rate "stuff was stolen from AWS" is going, there will be Russian tourists invited in the front door.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Oh look.  Yet another massive privacy breach.  These companies need more significant penalties for this sort of thing.  A few million dollars in fines is like pocket change to them.

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×