Sensitive Data Leak: Over 170 Million Individuals Exposed Online

Sensitive data exposing a staggering amount of individuals continues to leak online, with over 170 million records discovered by the Cybernews research team on June 25th. The leaked data, originating from datasets belonging to People Data Labs (PDL), included full names, phone numbers, emails, location details, skills, professional summaries, education history, and employment history.

PDL, a San Francisco-based data broker, claims to have profiles of 1.5 billion individuals for various business purposes. The leaked dataset was labeled “PDL,” indicating its source. The unprotected Elasticsearch server responsible for the leak was not directly connected to PDL, suggesting mishandling by an unidentified third party.

This incident raises concerns about data security and the risks of identity theft, fraud, and phishing attacks for affected individuals. The Cybernews research team highlighted the dangers of leaving servers unprotected and the potential for large-scale data abuse by threat actors.

PDL previously faced a massive data leak in 2019, also due to an exposed Elasticsearch server. The current leak, marked as “Version 26.2,” may be related to the previous incident, causing reputational damage to data brokers like PDL.

Cybernews has reached out to PDL for a comment on the recent leak. Individuals impacted by the data exposure are advised to take steps to mitigate potential harm. The incident underscores the importance of robust data security measures to prevent such leaks and protect individuals’ sensitive information.