*An exclusive security research by Cybernews team has found that MC2 Data, in a massive data leak, left a database with 2.2Terabyte of consumers鈥� 鈥榗omprehensive鈥� Personally Identifiable Information (PII) passwordless and easily accessible to anyone on the Internet, and exposed 106,316,633 records containing private data about United States鈥� citizens, raising serious concerns about privacy and safety of affected individuals

Gbenga Kayode | 绿帽献妻

A recent exclusive security research has revealed that a massive data leak at MC2 Data, a background check firm, affects staggering over 100 million United States (US) citizens, Cybernews report has said.

绿帽献妻 reports MC2 Data, LLC and similar companies run public records and background check services in the American country.

MC2 Data is a 鈥減rovider of automated control and security systems.鈥�

The company’s systems provide engineered, direct digital control, and energy management systems to its clients worldwide.

Its services also gather, compile, and analyse data from a wide range of public sources, including criminal records, employment history, family data, and contact details.

They also use such private information to create comprehensive profiles that employers, landlords, and others rely on for decision-making and risk management in the country.

MC2 Data as well operates Web sites, including PrivateRecords.net, PrivateReports, PeopleSearcher, ThePeopleSearchers and PeopleSearchUSA.

It is equally noted despite dealing with incredibly huge amounts of sensitive data, 鈥渋t is not always kept secure,鈥� Cybernews security researchers stated.

The recent research finding indicated MC2 Data company has left a database with 2.2Terabyte (TB) of consumers鈥� data passwordless, and easily accessible to anyone on the Internet.

What was likely to be 鈥渁 human error鈥� exposed 106,316,633 records containing private information about US citizens, raising serious concerns about privacy and safety of the affected citizens.

Estimates suggest that at least 100 million individuals were affected by this massive data leak, report stated.

Besides the research revealed that individual organisations and people requiring background checks have also been exposed, as the data of 2,319,873 users who subscribed to MC2 Data services was leaked.

Details of leaked personal information

Report indicates the leaked data included names, e-mails, Internet Protocol (IP) addresses, user agents, encrypted passwords, partial payment information, home addresses, and dates of birth.

Other private data now exposed to the public are the subscribers鈥� phone numbers, property records, legal records, family, relatives, neighbours鈥� data, and employment history.

Data breach puts countless individuals at risk: Researchers

According to researchers, businesses that operate public records and background check services are subject to strict regulations in the US.

Aside from this requirement, such companies need to comply with various Federal, state, and local regulations in the country towards ensuring that their operations are legal and that individual consumers鈥� data is protected.

The recent leak, which the research team uncovered, raises concerns about how such entities manage and protect sensitive data, Cybernews said.

The exposure of a large volume of Personally Identifiable Information (PII) violates privacy and puts countless individuals at risk of identity theft, and other malicious attacks.

Meanwhile, MC2 Data faces potential reputational damage and legal action, according to report.

Aras Nazarovas, a cybersecurity researcher at Cybernews said: 鈥淏ackground-checking services have always been problematic, as cybercriminals would often be able to purchase their services to gather data on their victims.

鈥淲hile background-check services keep trying to prevent such cases, they haven’t been able to stop such use of their services completely.

鈥淪uch a leak is a goldmine for cybercriminals as it eases access and reduces risk for them, allowing them to misuse these detailed reports more effectively.鈥�

The researchers further opined that the leaked subscribers’ information is also troublesome, as they could be high-value targets for cybercriminals.

These subscribers could be employers, landlords, law enforcement, and similar entities, they stated.

Nazarovas also noted: 鈥淚f anyone else accessed this information, it could spark conflicts in some communities and organisations鈥� across the United States.

Cybernews reached out to MC2 Data for a comment, but a response was yet to be received as of the time of filing the report.

Kindly Share This Story