The personal information of 123 million American households was exposed in after marketing and analytics company Alteryx suffered a data breach, it was announced Tuesday.
Cyber risk company UpGuard announced the breach, which occurred in October. According to UpGuard, Alteryx left a database containing sensitive information on 123 million households – nearly every household in America at the time the database was created – unsecured and open to public scrutiny.
Chris Vickery, UpGuard’s cyber research director, said he discovered the database while doing a routine search of Amazon Web Services’ storage “buckets.” Vickery told the Huffington Post that anyone with a basic understanding of which key words to search for could do the same.
“I’m not the only person doing this,” Vickery told HuffPo. “I’m certain there are bad guys doing it as well as good guys.”
According to UpGuard, each of the 123 million households exposed in the data breach is described through 248 specific categories – from routine information such as phone number and address to the number of children in the household, monthly mortgage payment, and eve whether the people in the household are “cat people” or “dog people.”
The database doesn’t include individual names, Vickery said – but given the specificity of the rest of the information, that doesn’t matter.
“It gets down to a level specific enough to be dangerous, although it does not have first (and) last names,” he told HuffPo. “It’s so simple to look up somebody’s name if you have their address and their phone number.”