Chicago – September 28, 2024
Hot on the heels of the National Public Records data breach, which leaked more than 2 billion records, another background check firm has now had a leak.
The company in question, MC2 Data, exposed the sensitive data of around one-third of the U.S. population – 106 million people – to the entire internet.
While data leaks are sometimes unavoidable, in this case, MC2 Data is fully responsible, as it left a database containing 2.2TB of personal data passwordless.
Cybernews broke the story of this security incident, noting that on Aug. 7 its research team discovered that MC2 Data had left a database containing 2.2TB of personal data unprotected and easily accessible to anyone on the internet.
The database contained 106,316,633 records with private information about U.S. citizens, and Cybernews estimates that at least 100 million individuals were affected by this massive data leak.
The leaked data included names, emails, IP addresses, user agents, encrypted passwords, partial payment information, home addresses, dates of birth, phone numbers, property records, legal records, and family, relatives’ and neighbors’ data as well as employment history. MC2 Data even exposed data of 2,319,873 users who subscribed to its services, including individuals and organizations needing background checks.
