A massive trove of consumer data containing information on as many as 230 million consumers and 110 million businesses may have been exposed by U.S. marketing firm Exactis.
Vinny Troia, a cybersecurity researcher, told Wired that he discovered the database on a publicly accessible server earlier this month. He said the trove contained 340 million records that included names, addresses, phone numbers and email addresses.
The database did not appear to contain any financial information, Troia said, adding that he contacted the FBI about his discovery.
{mosads}
“It seems like this is a database with pretty much every U.S. citizen in it,” Troia told the magazine. “I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen.”
Exactis is based in Palm Coast, Fla. The marketing company did not immediately respond to requests for comment.
It’s not clear whether a hacker accessed the database, but Troia said it was not hard for him to find.
If the researcher’s suspicions are confirmed, the breach would vastly exceed last year’s Equifax hack that exposed personal data on 145.5 million people.