Give your name, government ID, a photo, and other info to a phone app. What could possibly go wrong? From Anthony Spadafora at Tom's Guide: 1 billion personal records exposed in massive new data leak — full names, addresses, phone numbers and more
The company IDMerit uses an AI system to verify your age for various reasons. All well and good, except that they had a complete lack of security. Or maybe not complete, but certainly not enough security.
No, this wasn’t a data breach, and hackers weren’t involved in any way whatsoever. Instead, this was a data leak discovered by the team at Cybernews, where a company accidentally left all of those records unprotected online without a password.
Based on its findings, Cybernews believes the exposed database in question belongs to IDMerit, which is a digital identity verification solutions provider. The personal data in that database was used by other companies to verify users in the U.S., Canada, Australia, Mexico and loads of other countries.
Click thru for the details. The data includes enough to facilitate phishing campaigns, or account takeovers of cellphone accounts. Or more.
No comments:
Post a Comment
Comment Moderation is in place. Your comment will be visible as soon as I can get to it. Unless it is SPAM, and then it will never see the light of day.
Be Nice. Personal Attacks WILL be deleted. And I reserve the right to delete stuff that annoys me.