Future and its affiliate partners may earn a commission when you purchase through links on our articles.
Image source: Shutterstock
Personal records leaked by country
Even if you’re extra careful online and take all the right precautions to protect your account and the data it contains, your personal information can still end up on the dark web. For example, 1 billion personal records from 26 countries around the world were just discovered to be left in an unsecured database.
No, this was not a data breach, nor were hackers involved in any way. Instead, it was a data breach discovered by the Cybernews team, where a company accidentally left all those records online unprotected without a password.
Based on the findings, Cybernews believes the affected database belongs to digital identity verification solutions provider IDMerit. Personal data in this database is used by other companies to authenticate users in the United States, Canada, Australia, Mexico and other countries.
Although cybercriminals were not behind this massive new data breach, as was the case with online news teams, they could have accessed and downloaded the exposed data for use in future attacks.
Here’s everything you need to know about this new data breach, including steps you can take now to ensure you’re protected against any potential attacks or scams.
Exposed personal data
Image source: Getty Images
Like many security researchers such as Jermeiah Fowler, news media teams and others, including cybercriminals, often scour the Internet for exposed databases. Cybernews discovered a large number of exposed personal records on November 11 and immediately contacted the company, which subsequently secured the database.
In total, the database holds 1 TB of data for users in 26 countries. The United States was hardest hit, with 204 million records compromised, followed by Mexico (123 million) and the Philippines (72 million).
Given that the database was left unsecured for some time, the following personal data was exposed online:
-
Violation status and social profile annotations
With all this valuable personal data, cybercriminals can launch all manner of attacks and scams, including account takeovers, targeted phishing attacks, credit fraud, SIM swaps and even identity theft. To make matters worse, all this leaked data is structured, which will make searching these records much easier than unstructured data.
How to stay safe after a data breach
Image source: Shutterstock
Just like a data breach, if your personal records were exposed in this breach, you may receive a data breach notification letter in the mail. If so, you should follow the instructions in the letter and take advantage of the free access to one of the best identity theft protection services, if offered.
But if not, there are still many things you can do to stay safe after a data breach. First, you need to keep an eye out for any suspicious calls or messages, as they could be targeted phishing attacks designed to steal more of your data. These messages may arrive via email or text message, so be wary of any messages from unknown senders.
Signing up for identity theft protection is a great way to protect yourself after a major breach, as these services can help you recover your stolen identity as well as any funds lost to scams or fraud. As always, though, it’s also a good idea to protect your Windows PC with the best antivirus software or your Apple computer with the best Mac antivirus software. The reason is that these phishing emails may come with malicious attachments designed to infect your device with malware.
As for this data breach, hopefully we’ll hear more from IDMerit, and if so I’ll update this post with any new information. Either way, you’ll want to make sure you take all the necessary precautions, such as being careful where you click, to protect yourself from any attacks trying to exploit this exposed data.
follow Tom’s Guide to Google News and Add us as your preferred source Get our latest news, analysis and commentary right in your feed.